From 961662a10e35e9deefeb6e6dae969ffef40b8e55 Mon Sep 17 00:00:00 2001
From: ykiakao
Date: Thu, 21 May 2026 12:45:28 -0500
Subject: [PATCH] Add JWT key diagnostics
---
 app/Http/Middleware/JwtAuthMiddleware.php | 14 +++++++++++---
 routes/api.php | 13 +++++++++++++
 2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/app/Http/Middleware/JwtAuthMiddleware.php b/app/Http/Middleware/JwtAuthMiddleware.php
index fb158d5..3321393 100644
--- a/app/Http/Middleware/JwtAuthMiddleware.php
+++ b/app/Http/Middleware/JwtAuthMiddleware.php
@@ -45,8 +45,10 @@ class JwtAuthMiddleware
 return $next($request);
- } catch (\Exception $e) {
+ } catch (\InvalidArgumentException $e) {
 return response()->json(['message' => 'Invalid or expired token'], 401);
+ } catch (\Throwable $e) {
+ return response()->json(['message' => $e->getMessage()], 500);
 }
 }
@@ -94,13 +96,19 @@ class JwtAuthMiddleware
 $publicKey = str_replace('\\n', "\n", (string) config('jwt.public_key'));
 if ($publicKey === '') {
- return false;
+ throw new \RuntimeException('JWT public key is empty');
+ }
+
+ $keyResource = openssl_pkey_get_public($publicKey);
+
+ if ($keyResource === false) {
+ throw new \RuntimeException(openssl_error_string() ?: 'OpenSSL could not read JWT public key');
 }
 return openssl_verify(
 $header . '.' . $payload,
 $signature,
- $publicKey,
+ $keyResource,
 OPENSSL_ALGO_SHA256
 ) === 1;
 }
diff --git a/routes/api.php b/routes/api.php
index 1ff7f7f..90b58a5 100644
--- a/routes/api.php
+++ b/routes/api.php
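Review bot: The new `catch (\Throwable $e)` puts `$e->getMessage()` into the 500 body, so internal error text reaches the caller, including the OpenSSL and key-configuration messages thrown by the signature check in the second hunk of this file. Because `return $next($request);` sits inside the same try, exceptions raised further down the request pipeline appear to land here too and would bypass the framework's exception handler. Narrowing the first catch to `\InvalidArgumentException` also sends any other exception raised while parsing a token to this branch instead of a 401; whether that happens depends on code outside the hunk. Keep the detail server-side and answer generically, e.g. `report($e);` followed by `return response()->json(['message' => 'Authentication service error'], 500);`. The try block starts outside the hunk.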
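Review bot: `openssl_error_string()` pops a single entry from OpenSSL's error queue, so the message thrown after `openssl_pkey_get_public()` fails may be a stale entry left by an earlier call, or only the first of several. Drain the queue into a server-side log entry with `while (($err = openssl_error_string()) !== false) { ... }` and throw a fixed message such as `'JWT public key could not be loaded'`, since the catch added in the first hunk echoes exception messages to the client. Throwing instead of returning false on an empty or unreadable key keeps verification failing closed and makes misconfiguration visible, which is worth keeping. The enclosing method starts outside the hunk.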
@@ -20,3 +20,16 @@ Route::prefix('v1')->middleware(['jwt.auth'])->group(function () {
 // Jogos
 Route::get('/games/most-played', [GameController::class, 'mostPlayed']);
 });
+
+Route::get('/health-check-key', function () {
+ $rawPublicKey = (string) config('jwt.public_key');
+ $formattedPublicKey = str_replace('\\n', "\n", $rawPublicKey);
+ $publicKeyResource = openssl_pkey_get_public($formattedPublicKey);
+
+ return response()->json([
+ 'raw_key_empty' => $rawPublicKey === '',
+ 'key_length' => strlen($formattedPublicKey),
+ 'openssl_accepted' => $publicKeyResource !== false,
+ 'openssl_error' => openssl_error_string(),
+ ]);
+});
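Review bot: `/health-check-key` is registered outside the `jwt.auth` group, so it is reachable without a token and reports whether the verification key is set, its length, and the raw `openssl_error_string()` output. That tells any caller when token verification is misconfigured and exposes library error text; no throttle or environment gate is visible in this hunk. If the diagnostic is needed, restrict it, e.g. wrap the route in `if (app()->environment('local')) { ... }` or move the check into an artisan command. The response should then carry only a boolean such as `'key_ok' => $publicKeyResource !== false`, with the OpenSSL detail written to the log instead.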