#146 Test invalid JWT token

vityaman-edu · Jun 17, 2024 · b8fdbe5 · b8fdbe5
1 parent 75394ea
commit b8fdbe5
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/botalka/src/main/kotlin/ru/vityaman/lms/botalka/core/security/auth/JwtTokenService.kt b/botalka/src/main/kotlin/ru/vityaman/lms/botalka/core/security/auth/JwtTokenService.kt
@@ -2,12 +2,13 @@ package ru.vityaman.lms.botalka.core.security.auth
 
 import io.jsonwebtoken.ExpiredJwtException
 import io.jsonwebtoken.Jwts
+import io.jsonwebtoken.MalformedJwtException
 import io.jsonwebtoken.io.Decoders
 import io.jsonwebtoken.security.Keys
 import ru.vityaman.lms.botalka.core.exception.AuthenticationException
 import ru.vityaman.lms.botalka.core.model.User
 import java.time.Clock
-import java.util.*
+import java.util.Date
 import javax.crypto.SecretKey
 import kotlin.time.toJavaDuration
 import java.time.Duration as JavaDuration
@@ -50,6 +51,8 @@ class JwtTokenService(
             AccessToken.Payload(userId)
         } catch (e: ExpiredJwtException) {
             throw AuthenticationException(e.message!!, e)
+        } catch (e: MalformedJwtException) {
+            throw AuthenticationException(e.message!!, e)
         }
 
     data class Config(

diff --git a/botalka/src/test/kotlin/ru/vityaman/lms/botalka/app/spring/security/JwtTokenServiceTest.kt b/botalka/src/test/kotlin/ru/vityaman/lms/botalka/app/spring/security/JwtTokenServiceTest.kt
@@ -38,4 +38,11 @@ class JwtTokenServiceTest {
             assertThrows<AuthenticationException> { tokens.decode(token) }
         }
     }
+
+    @Test
+    fun invalidToken(): Unit = runBlocking {
+        assertThrows<AuthenticationException> {
+            tokens.decode(AccessToken("invalid-token"))
+        }
+    }
 }