🔨 JWT decoding error raises unauthorized exception

vortico · Jul 9, 2024 · 085f209 · 085f209
1 parent d22272f
commit 085f209
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/flama/authentication/components.py b/flama/authentication/components.py
@@ -72,7 +72,7 @@ def resolve(self, headers: Headers, cookies: Cookies) -> jwt.JWT:
             token = jwt.JWT.decode(encoded_token, self.secret)
         except (exceptions.JWTDecodeException, exceptions.JWTValidateException) as e:
             raise HTTPException(
-                status_code=http.HTTPStatus.BAD_REQUEST, detail={"error": e.__class__, "description": str(e)}
+                status_code=http.HTTPStatus.UNAUTHORIZED, detail={"error": e.__class__, "description": str(e)}
             )
 
         return token
diff --git a/tests/authentication/test_components.py b/tests/authentication/test_components.py
@@ -92,15 +92,15 @@ def jwt(token: JWT):
                         "n0sICJpYXQiOiAwfQ==.0000",
                     }
                 },
-                400,
+                401,
                 {
                     "detail": {
                         "description": "Signature verification failed for token 'eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVC"
                         "J9.eyJkYXRhIjogeyJmb28iOiAiYmFyIn0sICJpYXQiOiAwfQ==.0000'",
                         "error": "JWTValidateException",
                     },
                     "error": "HTTPException",
-                    "status_code": 400,
+                    "status_code": 401,
                 },
                 id="invalid_token",
             ),