Merge pull request #24 from mihailstumkins/fix/incorrect-bearer-token…

…-format

fix: parseJWT is now throwing AuthenticationError.invalidCredentials …

Sources/JWTProvider/JWTError+Status.swift

@@ -0,0 +1,40 @@
+import Vapor
+import HTTP
+import JWT
+
+
+extension JWTError: AbortError {
+   public var status: Status {
+        switch self {
+        case .incorrectNumberOfSegments,
+             .incorrectPayloadForClaimVerification,
+             .missingAlgorithm,
+             .missingClaim,
+             .wrongAlgorithm,
+             .verificationFailedForClaim,
+             .signatureVerificationFailed:
+            return .unauthorized
+        default:
+            return .internalServerError
+        }
+    }
+}
+
+extension JWTError: Debuggable {
+    public var reason: String {
+        return self.description
+    }
+
+    public var identifier: String {
+        return self.description
+    }
+
+    public var possibleCauses: [String] {
+        return []
+    }
+
+    public var suggestedFixes: [String] {
+        return []
+    }
+}
+

Tests/JWTProviderTests/PayloadAuthenticationMiddlewareTests.swift

@@ -4,6 +4,8 @@ import Vapor
 import Transport
 import HTTP
 import JWT
+import AuthProvider
+
 @testable import JWTProvider
 
 class PayloadAuthenticationMiddlewareTests: XCTestCase {
@@ -14,6 +16,7 @@ class PayloadAuthenticationMiddlewareTests: XCTestCase {
         ("testAuthenticateWithIdentifiedToken", testAuthenticateWithIdentifiedToken),
         ("testAuthenticateWithIdentifiedTokenWithNoMatchingSigner", testAuthenticateWithIdentifiedTokenWithNoMatchingSigner),
         ("testAuthenticateWithJWKSURL", testAuthenticateWithJWKSURL),
+        ("testAuthenticateWithNonParsableToken", testAuthenticateWithNonParsableToken)
     ]
 
     func testAuthenticateWithLegacySigner() throws {
@@ -106,6 +109,23 @@ class PayloadAuthenticationMiddlewareTests: XCTestCase {
 
         _ = try middleware.respond(to: request, chainingTo: MockResponder())
     }
+
+
+    func testAuthenticateWithNonParsableToken() throws {
+
+        let request = Request(
+            method: .get,
+            uri: "http://localhost/test",
+            headers: [HeaderKey.authorization: "Bearer nonparsablejwttoken"]
+        )
+
+        let signers = ["1234": Unsigned(), "5678": Unsigned()]
+        let middleware = PayloadAuthenticationMiddleware<MockUser>(signers)
+
+        XCTAssertThrowsError(try middleware.respond(to: request, chainingTo: MockResponder()), "invalidCredentials") { error in
+            XCTAssertTrue((error as? JWTError)?.status == .unauthorized)
+        }
+    }
 }
 
 extension PayloadAuthenticationMiddlewareTests {