JWT토큰 verify 중에 Unsupported JWS algorithm 에러시, 잘못된 토큰이므로 똑같이 invaild
예외처리.
This commit is contained in:
@@ -123,10 +123,14 @@ public class ApiAuthFilter implements HttpAdapterFilter {
|
|||||||
} else if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) {
|
} else if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) {
|
||||||
throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired");
|
throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired");
|
||||||
}
|
}
|
||||||
|
try {
|
||||||
if (!signedJWT.verify(jwsVerifier)) {
|
if (!signedJWT.verify(jwsVerifier)) {
|
||||||
throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid");
|
throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid");
|
||||||
|
}
|
||||||
|
}catch (Exception e) {
|
||||||
|
throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid", e);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
OAuth2Manager manager = OAuth2Manager.getInstance();
|
OAuth2Manager manager = OAuth2Manager.getInstance();
|
||||||
HashSet<String> scopeSet = manager.getApiScopeMap().get(apiId);
|
HashSet<String> scopeSet = manager.getApiScopeMap().get(apiId);
|
||||||
|
|||||||
Reference in New Issue
Block a user