dimas-b commented on code in PR #350:
URL: https://github.com/apache/polaris/pull/350#discussion_r1792015532
##########
polaris-service/src/main/java/org/apache/polaris/service/auth/JWTBroker.java:
##########
@@ -56,36 +60,37 @@ abstract class JWTBroker implements TokenBroker {
@Override
public DecodedToken verify(String token) {
- JWTVerifier verifier = JWT.require(getAlgorithm()).build();
- DecodedJWT decodedJWT = verifier.verify(token);
- Boolean isActive = decodedJWT.getClaim(CLAIM_KEY_ACTIVE).asBoolean();
- if (isActive == null || !isActive) {
- throw new NotAuthorizedException("Token is not active");
+ JWTVerifier verifier =
JWT.require(getAlgorithm()).withClaim(CLAIM_KEY_ACTIVE, true).build();
+
+ try {
+ DecodedJWT decodedJWT = verifier.verify(token);
+ return new DecodedToken() {
+ @Override
+ public Long getPrincipalId() {
+ return decodedJWT.getClaim("principalId").asLong();
+ }
+
+ @Override
+ public String getClientId() {
+ return decodedJWT.getClaim("client_id").asString();
+ }
+
+ @Override
+ public String getSub() {
+ return decodedJWT.getSubject();
+ }
+
+ @Override
+ public String getScope() {
+ return decodedJWT.getClaim("scope").asString();
+ }
+ };
+
+ } catch (JWTVerificationException e) {
+ LOGGER.error(
+ "Failed to verify the token with cause {} and message {}",
e.getCause(), e.getMessage());
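Review bot: The verifier built at the top of this hunk only enforces `CLAIM_KEY_ACTIVE`, while the `DecodedToken` getters read `principalId`, `client_id` and `scope` lazily after verification. A correctly signed token that lacks one of these claims therefore passes `verify`, and `getPrincipalId()` or `getScope()` returns null later, away from the authentication boundary. Consider requiring those claims on the verifier as well (java-jwt offers `withClaimPresence(...)`), so that such tokens fail inside this `try` block and reach the `JWTVerificationException` handler. As a smaller style point, the claim names in the getters are string literals while `active` uses a constant; constants for all of them would keep the issuing and verifying code in sync.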
Review Comment:
suggestion: add the whole `e` object (instead of individual `e.getCause()`
and `e.getMessage()`) to the log call to get its stack trace printed.
--
This is an automated message from the Apache Git Service.