From bb07ecd697cb6fdf4dc6a53bb5eb5399d5905c53 Mon Sep 17 00:00:00 2001
From: Warren Parad <gpg@warrenparad.net>
Date: Wed, 1 May 2024 15:18:01 +0200
Subject: [PATCH] THrow Exception when token is invalid but not expired.

---
 authress/api/token_verifier.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authress/api/token_verifier.py b/authress/api/token_verifier.py
index cd8855f..25a5c72 100644
--- a/authress/api/token_verifier.py
+++ b/authress/api/token_verifier.py
@@ -55,7 +55,7 @@ def verify_token(self, authressCustomDomain, token, options=None):
 
     try:
       return jwt.decode(authenticationToken, jwt.api_jwk.PyJWK.from_dict(jwk).key, algorithms=['EdDSA'], options = { 'verify_aud': False })
-    except jwt.ExpiredSignatureError:
+    except:
       raise Exception("Unauthorized", "Token is invalid")
 
   def get_public_key(self, jwkKeyListUrl, kid):