
500 Response on jwt.exception.ExpiredSignatureError

Open xelandernt opened this issue 1 year ago • 0 comments

Describe the bug

When using the oauth_router, the state JWT token has an expiration time. When the callback tries to call the callback endpoint with an expired state token, an Internal Server Error (500) is thrown because jwt.ExpiredSignatureError is raised; however, only the jwt.DecodeError case is handled in the code.

To Reproduce

  1. Call the oauth_router's /authorize endpoint.
  2. Wait for the state token to expire.
  3. Call /callback with an otherwise valid request (except for the expired token).
  4. See the error.

Expected behavior

When calling the callback endpoint with an invalid token, 400 BAD REQUEST or similar should be the response instead of 500.

Solution Proposal

Catch jwt.InvalidTokenError instead of just jwt.DecodeError.

xelandernt · Nov 08 '24 09:11
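To make the failure mode concrete, here is an added example that is not fastapi-users' code: a minimal stdlib-only HS256 state-token encoder/decoder whose exception classes mirror PyJWT's hierarchy (DecodeError and ExpiredSignatureError both derive from InvalidTokenError), plus a callback handler that can be run with either the narrow `except` the issue describes or the proposed base-class catch. The `SECRET`, claim names and `serve()` framework stand-in are assumptions made for the demo.

```python
import base64, hashlib, hmac, json

# Exception hierarchy mirrors PyJWT's: both concrete errors share one base.
class InvalidTokenError(Exception): ...
class DecodeError(InvalidTokenError): ...
class ExpiredSignatureError(InvalidTokenError): ...

SECRET = b"constructed-demo-secret"  # placeholder key, demo only

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_state(claims: dict, lifetime: int, now: int) -> str:
    # Mint an HS256 state token that expires `lifetime` seconds after `now`.
    head = _b64(b'{"alg":"HS256","typ":"JWT"}')
    body = _b64(json.dumps({**claims, "exp": now + lifetime}).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"

def decode_state(token: str, now: int) -> dict:
    # Verify the signature first, then expiry, raising the matching error.
    try:
        head, body, sig = token.split(".")
        want = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(_unb64(sig), want):
            raise DecodeError("signature mismatch")
        claims = json.loads(_unb64(body))
    except ValueError as exc:  # wrong segment count, bad base64 or bad JSON
        raise DecodeError(str(exc)) from exc
    if claims.get("exp", 0) <= now:
        raise ExpiredSignatureError("state token expired")
    return claims

def callback(token: str, now: int, handled: type = DecodeError) -> int:
    # handled=DecodeError is the handler as the issue describes it;
    # handled=InvalidTokenError is the proposed fix.
    try:
        decode_state(token, now)
    except handled:
        return 400
    return 200

def serve(handler, token: str, now: int, **kw) -> int:
    # Stand-in for the framework: an uncaught exception becomes a 500.
    try:
        return handler(token, now, **kw)
    except Exception:
        return 500
```

With the narrow handler an expired token escapes as a 500, while a malformed or mis-signed token is already a 400; catching InvalidTokenError turns the expired case into a 400 as well.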