From 261b1ff25c634b8ef89137061687289d5fe625b0 Mon Sep 17 00:00:00 2001 From: David Zuckerman Date: Thu, 23 Apr 2026 12:00:01 -0700 Subject: [PATCH 1/2] The Alma sandbox url for jwts authentication needs env=sandbox --- .env.sample | 4 +++- app/controllers/concerns/alma_jwt_validator.rb | 6 +++++- spec/controllers/concerns/alma_jwt_validator_spec.rb | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.env.sample b/.env.sample index 2ec8c9d4..d474ccbc 100644 --- a/.env.sample +++ b/.env.sample @@ -2,4 +2,6 @@ FRAMEWORK_ALMA_API_URL=https://api-na.hosted.exlibrisgroup.com/almaws/v1/ # Keys can be found in LastPass FRAMEWORK_ALMA_API_KEY=KEY_GOES_HERE FRAMEWORK_ALMA_SANDBOX_KEY=KEY_GOES_HERE -LIT_TIND_API_KEY=KEY_GOES_HERE \ No newline at end of file +# If pointing to the sandbox the env=sandbox is required in the url +ALMA_JWT_JWKS_URL=https://api-na.hosted.exlibrisgroup.com/auth/out institution code/jwks.json?env=sandbox +LIT_TIND_API_KEY=KEY_GOES_HERE diff --git a/app/controllers/concerns/alma_jwt_validator.rb b/app/controllers/concerns/alma_jwt_validator.rb index fd739397..aa944ebc 100644 --- a/app/controllers/concerns/alma_jwt_validator.rb +++ b/app/controllers/concerns/alma_jwt_validator.rb @@ -3,7 +3,11 @@ require 'json' module AlmaJwtValidator - JWKS_URL = 'https://api-na.hosted.exlibrisgroup.com/auth/01UCS_BER/jwks.json'.freeze + # https://developers.exlibrisgroup.com/alma/integrations/token/ + # If running against the Alma sandbox the JWKS_URL needs env=sandbox appended to the end of the url + # e.g. https://api-na.hosted.exlibrisgroup.com/auth/01UCS_BER/jwks.json?env=sandbox. + # set ALMA_JWT_JWKS_URL in your .env when running locally against the Alma sandbox + JWKS_URL = ENV.fetch('ALMA_JWT_JWKS_URL', 'https://api-na.hosted.exlibrisgroup.com/auth/01UCS_BER/jwks.json').freeze EXPECTED_ISS = 'Prima'.freeze module_function diff --git a/spec/controllers/concerns/alma_jwt_validator_spec.rb b/spec/controllers/concerns/alma_jwt_validator_spec.rb index 90281558..0ab1ff93 100644 --- a/spec/controllers/concerns/alma_jwt_validator_spec.rb +++ b/spec/controllers/concerns/alma_jwt_validator_spec.rb @@ -5,7 +5,7 @@ describe AlmaJwtValidator do let(:alma_institution_code) { '01UCS_BER' } - let(:jwks_url) { "https://api-na.hosted.exlibrisgroup.com/auth/#{alma_institution_code}/jwks.json" } + let(:jwks_url) { ENV.fetch('ALMA_JWT_JWKS_URL', "https://api-na.hosted.exlibrisgroup.com/auth/#{alma_institution_code}/jwks.json") } let(:expected_iss) { 'Prima' } # Generate an EC key pair for testing From 778d18ba10139815d51ab6a451d1375a379fe2c5 Mon Sep 17 00:00:00 2001 From: David Zuckerman Date: Thu, 23 Apr 2026 12:16:28 -0700 Subject: [PATCH 2/2] fixed typo in .env.sample and ordered alphabetically --- .env.sample | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.env.sample b/.env.sample index d474ccbc..60277911 100644 --- a/.env.sample +++ b/.env.sample @@ -1,7 +1,7 @@ -FRAMEWORK_ALMA_API_URL=https://api-na.hosted.exlibrisgroup.com/almaws/v1/ +# If pointing to the sandbox the env=sandbox is required in the url +ALMA_JWT_JWKS_URL=https://api-na.hosted.exlibrisgroup.com/auth/our institution code/jwks.json?env=sandbox # Keys can be found in LastPass FRAMEWORK_ALMA_API_KEY=KEY_GOES_HERE +FRAMEWORK_ALMA_API_URL=https://api-na.hosted.exlibrisgroup.com/almaws/v1/ FRAMEWORK_ALMA_SANDBOX_KEY=KEY_GOES_HERE -# If pointing to the sandbox the env=sandbox is required in the url -ALMA_JWT_JWKS_URL=https://api-na.hosted.exlibrisgroup.com/auth/out institution code/jwks.json?env=sandbox LIT_TIND_API_KEY=KEY_GOES_HERE