From 6c54a438dd6cad9cacca9d135f20e746db76168d Mon Sep 17 00:00:00 2001
From: ykiakao <ykiakao@gmail.com>
Date: Thu, 21 May 2026 13:39:42 -0500
Subject: [PATCH] Recover malformed JWT public key end marker

---
 app/Http/Middleware/JwtAuthMiddleware.php | 12 ++++++++++++
 routes/api.php                            | 11 +++++++++++
 routes/web.php                            | 11 +++++++++++
 3 files changed, 34 insertions(+)

diff --git a/app/Http/Middleware/JwtAuthMiddleware.php b/app/Http/Middleware/JwtAuthMiddleware.php
index 99fd569..812163f 100644
--- a/app/Http/Middleware/JwtAuthMiddleware.php
+++ b/app/Http/Middleware/JwtAuthMiddleware.php
@@ -166,6 +166,18 @@ class JwtAuthMiddleware
                 . "-----END {$type}-----\n";
         }
 
+        if (preg_match('/-----BEGIN ([A-Z ]*PUBLIC KEY)-----(.*)/s', $publicKey, $matches)) {
+            $type = $matches[1];
+            $bodySource = preg_split('/-----END|END\s+(?:RSA\s+)?PUBLIC\s+KEY/i', $matches[2], 2)[0];
+            $body = preg_replace('/[^A-Za-z0-9+\/=]/', '', $bodySource);
+
+            if (strlen($body) > 100) {
+                return "-----BEGIN {$type}-----\n"
+                    . chunk_split($body, 64, "\n")
+                    . "-----END {$type}-----\n";
+            }
+        }
+
         if (!str_contains($publicKey, '-----BEGIN')) {
             $body = preg_replace('/[^A-Za-z0-9+\/=]/', '', $publicKey);
 
diff --git a/routes/api.php b/routes/api.php
index ade1adf..68157e6 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -50,6 +50,17 @@ Route::get('/health-check-key', function () {
         $formattedPublicKey = "-----BEGIN {$pemType}-----\n"
             . chunk_split($body, 64, "\n")
             . "-----END {$pemType}-----\n";
+    } elseif (preg_match('/-----BEGIN ([A-Z ]*PUBLIC KEY)-----(.*)/s', $formattedPublicKey, $matches)) {
+        $pemType = $matches[1];
+        $bodySource = preg_split('/-----END|END\s+(?:RSA\s+)?PUBLIC\s+KEY/i', $matches[2], 2)[0];
+        $body = preg_replace('/[^A-Za-z0-9+\/=]/', '', $bodySource);
+        $bodyLength = strlen($body);
+
+        if ($bodyLength > 100) {
+            $formattedPublicKey = "-----BEGIN {$pemType}-----\n"
+                . chunk_split($body, 64, "\n")
+                . "-----END {$pemType}-----\n";
+        }
     } elseif (!str_contains($formattedPublicKey, '-----BEGIN')) {
         $body = preg_replace('/[^A-Za-z0-9+\/=]/', '', $formattedPublicKey);
         $bodyLength = strlen($body);
diff --git a/routes/web.php b/routes/web.php
index fbba580..fc6ac1b 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -37,6 +37,17 @@ Route::get('/health-check-key', function () {
         $formattedPublicKey = "-----BEGIN {$pemType}-----\n"
             . chunk_split($body, 64, "\n")
             . "-----END {$pemType}-----\n";
+    } elseif (preg_match('/-----BEGIN ([A-Z ]*PUBLIC KEY)-----(.*)/s', $formattedPublicKey, $matches)) {
+        $pemType = $matches[1];
+        $bodySource = preg_split('/-----END|END\s+(?:RSA\s+)?PUBLIC\s+KEY/i', $matches[2], 2)[0];
+        $body = preg_replace('/[^A-Za-z0-9+\/=]/', '', $bodySource);
+        $bodyLength = strlen($body);
+
+        if ($bodyLength > 100) {
+            $formattedPublicKey = "-----BEGIN {$pemType}-----\n"
+                . chunk_split($body, 64, "\n")
+                . "-----END {$pemType}-----\n";
+        }
     } elseif (!str_contains($formattedPublicKey, '-----BEGIN')) {
         $body = preg_replace('/[^A-Za-z0-9+\/=]/', '', $formattedPublicKey);
         $bodyLength = strlen($body);