trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/oauth2: handle attribute errors when validation JWK contains private key 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-05-25 22:23:05 +02:00
parent e42386b150
commit 0e0dd2437b
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
authentik/providers/oauth2/views/token.py
View File

@ -311,8 +311,10 @@ class TokenParams:
"verify_aud": False, "verify_aud": False,
}, },
) )
except (InvalidTokenError, ValueError, TypeError) as last_exc: # AttributeError is raised when the configured JWK is a private key
LOGGER.warning("failed to validate jwt", last_exc=last_exc) # and not a public key
except (InvalidTokenError, ValueError, TypeError, AttributeError) as exc:
LOGGER.warning("failed to validate jwt", exc=exc)
if not token: if not token:
LOGGER.warning("No token could be verified") LOGGER.warning("No token could be verified")