THrow Exception when token is invalid but not expired.

Author: wparad

authress/api/token_verifier.py

@@ -55,9 +55,11 @@ def verify_token(self, authressCustomDomain, token, options=None):
 
     try:
       return jwt.decode(authenticationToken, jwt.api_jwk.PyJWK.from_dict(jwk).key, algorithms=['EdDSA'], options = { 'verify_aud': False })
-    except jwt.ExpiredSignatureError:
+    except
       raise Exception("Unauthorized", "Token is invalid")
 
+    raise Exception("Unauthorized", "Token is invalid")
+
   def get_public_key(self, jwkKeyListUrl, kid):
     hashKey = f"{jwkKeyListUrl}|{kid}"