Skip to content

Commit

Permalink
Merge pull request #4673 from jmcrawford45/PS-5386
Browse files Browse the repository at this point in the history 
eat all jwt decode exceptions when not in debug mode
  • Loading branch information
@jmcrawford45
jmcrawford45 authored Oct 24, 2023
2 parents 59653f0 + 77a9a06 commit 3bee5d2
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions lemur/auth/service.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,10 @@ def decorated_function(*args, **kwargs):
return dict(message="Token has expired"), 403
except jwt.InvalidTokenError:
return dict(message="Token is invalid"), 403
except Exception: # noqa
if current_app.config.get("DEBUG", False):
raise
return dict(message="Failed to decode token"), 403

if "aid" in payload:
access_key = api_key_service.get(payload["aid"])
Expand Down

0 comments on commit 3bee5d2

Please sign in to comment.