From f1d5c3147f5df1631ec222395094082cd1c436d4 Mon Sep 17 00:00:00 2001
From: lobodol <grobodol@gmail.com>
Date: Mon, 11 Jul 2022 11:08:43 +0200
Subject: [PATCH] feat: try to invalidate realpath cache if keypair loading
 failed

---
 Services/KeyLoader/AbstractKeyLoader.php | 23 +++++++++++++++++++++--
 Services/KeyLoader/OpenSSLKeyLoader.php  | 10 +++++++++-
 2 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/Services/KeyLoader/AbstractKeyLoader.php b/Services/KeyLoader/AbstractKeyLoader.php
index 082f0778..f1efffb7 100644
--- a/Services/KeyLoader/AbstractKeyLoader.php
+++ b/Services/KeyLoader/AbstractKeyLoader.php
@@ -51,7 +51,18 @@ public function getAdditionalPublicKeys(): array
                 throw new \RuntimeException(sprintf('Additional public key "%s" does not exist or is not readable. Did you correctly set the "lexik_jwt_authentication.additional_public_keys" configuration key?', $key));
             }
 
-            $contents[] = is_file($key) ? file_get_contents($key) : $key;
+            $rawKey = $key;
+
+            if (is_file($key)) {
+                $rawKey = @file_get_contents($key);
+
+                if (false === $rawKey) {
+                    // Try invalidating the realpath cache
+                    clearstatcache(true, $key);
+                    $rawKey = file_get_contents($key);
+                }
+            }
+            $contents[] = $rawKey;
         }
 
         return $contents;
@@ -93,6 +104,14 @@ private function readKey($type)
             throw new \RuntimeException(sprintf('Signature key "%s" does not exist or is not readable. Did you correctly set the "lexik_jwt_authentication.signature_key" configuration key?', $key));
         }
 
-        return file_get_contents($key);
+        $rawKey = @file_get_contents($key);
+
+        if (false === $rawKey) {
+            // Try invalidating the realpath cache
+            clearstatcache(true, $key);
+            $rawKey = file_get_contents($key);
+        }
+
+        return $rawKey;
     }
 }
diff --git a/Services/KeyLoader/OpenSSLKeyLoader.php b/Services/KeyLoader/OpenSSLKeyLoader.php
index 2d0a68a4..2d9cd01f 100644
--- a/Services/KeyLoader/OpenSSLKeyLoader.php
+++ b/Services/KeyLoader/OpenSSLKeyLoader.php
@@ -25,7 +25,15 @@ public function loadKey($type)
             throw new \InvalidArgumentException(sprintf('The key type must be "public" or "private", "%s" given.', $type));
         }
 
-        $rawKey = file_get_contents($this->getKeyPath($type));
+        $keyPath = $this->getKeyPath($type);
+        $rawKey  = @file_get_contents($keyPath);
+
+        if (false === $rawKey) {
+            // Try invalidating the realpath cache
+            clearstatcache(true, $keyPath);
+            $rawKey = file_get_contents($keyPath);
+        }
+
         $key = call_user_func_array("openssl_pkey_get_$type", self::TYPE_PRIVATE == $type ? [$rawKey, $this->getPassphrase()] : [$rawKey]);
 
         if (!$key) {