Merge pull request wso2#3483 from VirajSalaka/jwks-url-fix

Add a log to indicate errors related to JWKS request in enforcer

enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/validator/JWTValidator.java

@@ -19,6 +19,7 @@
 package org.wso2.choreo.connect.enforcer.security.jwt.validator;
 
 import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.RemoteKeySourceException;
 import com.nimbusds.jose.jwk.JWKSet;
 import com.nimbusds.jose.jwk.RSAKey;
 import com.nimbusds.jwt.JWTClaimsSet;
@@ -114,10 +115,10 @@ private JWTValidationInfo validateToken(SignedJWTInfo signedJWTInfo, ExtendedTok
 
     protected boolean validateSignature(SignedJWT signedJWT, ExtendedTokenIssuerDto tokenIssuer)
             throws EnforcerException {
+        String certificateAlias = tokenIssuer.getCertificateAlias();
+        String keyID = signedJWT.getHeader().getKeyID();
+        String jwksUrl = tokenIssuer.getJwksConfigurationDTO().getUrl();
         try {
-            String certificateAlias = tokenIssuer.getCertificateAlias();
-            String keyID = signedJWT.getHeader().getKeyID();
-            String jwksUrl = tokenIssuer.getJwksConfigurationDTO().getUrl();
             if (StringUtils.isNotEmpty(keyID)) {
                 if (tokenIssuer.getJwksConfigurationDTO().isEnabled() && StringUtils
                         .isNotEmpty(jwksUrl)) {
@@ -156,6 +157,9 @@ protected boolean validateSignature(SignedJWT signedJWT, ExtendedTokenIssuerDto
                 }
             }
             return JWTUtils.verifyTokenSignature(signedJWT, certificateAlias);
+        } catch (RemoteKeySourceException e) {
+            logger.error("Error while retrieving the JWKSet from the remote endpoint : " + jwksUrl, e);
+            throw new EnforcerException("JWT Signature verification failed", e);
         } catch (JOSEException | IOException e) {
             throw new EnforcerException("JWT Signature verification failed", e);
         }