Sanitize TokenValidationError #40

Open
sirewix opened this issue Dec 17, 2024 · 1 comment
Labels
enhancement New feature or request

Comments

Contributor

sirewix commented Dec 17, 2024

TokenValidationError::TokenDecodeError returns josekit::JoseError, which has lots of anyhow::Error under the hood. We need to make sure that returned errors do not return any sensitive information and that TokenValidationError can be safely logged and returned in a JSON response.

@sirewix sirewix added the enhancement New feature or request label Dec 17, 2024
Contributor Author

sirewix commented Dec 17, 2024

It would also be great if there were an easy way to distinguish between user-facing errors ("missing claim", "invalid signature") and "very likely errors on our end" like "invalid jwk format"; this way services can correctly return 4xx or 5xx.
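
One possible shape for what the two comments above ask for, as an added example that is not the project's code: a std-only error type whose `Display` and `Debug` output carry no library detail, plus a client/server classification. The names `SafeTokenError`, `Detail`, `Fault`, the variants and the 401/500 mapping are all assumptions made for illustration; `Detail` stands in for the text of an error such as josekit::JoseError.

```rust
use std::fmt;

/// Hypothetical holder for detailed library error text (stand-in for a decode error).
/// Debug is redacted so `{:?}` logging cannot leak it; reading it takes an explicit call.
pub struct Detail(String);
impl Detail {
    pub fn new(e: impl fmt::Display) -> Self { Detail(e.to_string()) }
    pub fn expose(&self) -> &str { &self.0 }
}
impl fmt::Debug for Detail {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.write_str("<redacted>") }
}

#[derive(Debug, PartialEq, Eq)]
pub enum Fault { Client, Server }

/// Hypothetical sanitized error; variant names are assumptions, not the crate's API.
#[derive(Debug)]
pub enum SafeTokenError {
    MissingClaim(&'static str), // claim name comes from our code, never from the token
    InvalidSignature,
    MalformedToken(Detail),
    InvalidJwkFormat(Detail),
}

impl SafeTokenError {
    /// Exhaustive match: adding a variant forces an explicit 4xx/5xx decision.
    pub fn fault(&self) -> Fault {
        match self {
            Self::MissingClaim(_) | Self::InvalidSignature | Self::MalformedToken(_) => Fault::Client,
            Self::InvalidJwkFormat(_) => Fault::Server,
        }
    }
    /// Assumed mapping; a service may pick other codes within each class.
    pub fn status(&self) -> u16 {
        match self.fault() { Fault::Client => 401, Fault::Server => 500 }
    }
}

impl fmt::Display for SafeTokenError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            Self::MissingClaim(name) => write!(f, "missing claim: {}", name),
            Self::InvalidSignature => f.write_str("invalid signature"),
            Self::MalformedToken(_) => f.write_str("malformed token"),
            Self::InvalidJwkFormat(_) => f.write_str("internal error"),
        }
    }
}
impl std::error::Error for SafeTokenError {}
```

The type deliberately does not implement `Error::source`, so loggers that walk the source chain cannot reach the wrapped detail either.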
