Update jwt.go

issue: When `auth_opt_jwt_skip_user_expiration` is enabled in config file and the wrong JWT token is sent by client to server (with a few or completely wrong segments), the code crashes. Workaround: modify the code structure by moving the checking of token expiration conditions
iegomez · Sep 20, 2024 · 245a01a · 245a01a
1 parent 6b602a6
commit 245a01a
Showing 1 changed file with 12 additions and 8 deletions.
diff --git a/backends/jwt.go b/backends/jwt.go
@@ -132,15 +132,19 @@ func getJWTClaims(secret string, tokenStr string, skipExpiration bool) (*jwtGo.M
 	})
 
 	expirationError := false
-	if err != nil {
-		if !skipExpiration {
-			log.Debugf("jwt parse error: %s", err)
-			return nil, err
-		}
-
+	if err != nil {					
 		if v, ok := err.(*jwtGo.ValidationError); ok && v.Errors == jwtGo.ValidationErrorExpired {
-			expirationError = true
-		}
+			log.Debugf("token expired: %s", err)
+			if skipExpiration {
+				expirationError = true
+			}else{
+				log.Debugf("jwt parse error: %s", err)
+				return nil, err	
+			}
+		}else{
+			log.Debugf("jwt parse error: %s", err)
+			return nil, err	
+		}	
 	}
 
 	if !jwtToken.Valid && !expirationError {