JWT토큰 verify 중에 Unsupported JWS algorithm 에러시, 잘못된 토큰이므로 똑같이 invaild
예외처리.
This commit is contained in:
@@ -123,10 +123,14 @@ public class ApiAuthFilter implements HttpAdapterFilter {
|
||||
} else if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) {
|
||||
throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired");
|
||||
}
|
||||
|
||||
if (!signedJWT.verify(jwsVerifier)) {
|
||||
throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid");
|
||||
try {
|
||||
if (!signedJWT.verify(jwsVerifier)) {
|
||||
throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid");
|
||||
}
|
||||
}catch (Exception e) {
|
||||
throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid", e);
|
||||
}
|
||||
|
||||
|
||||
OAuth2Manager manager = OAuth2Manager.getInstance();
|
||||
HashSet<String> scopeSet = manager.getApiScopeMap().get(apiId);
|
||||
|
||||
Reference in New Issue
Block a user