
Commit 54da0fc

author
wpdebruin
authored
Update JWT service for storage not enabled
Tokens are no longer rejected when token storage is not enabled. Minor updates to the comments on interceptor announcements.
1 parent b722dcc commit 54da0fc


1 file changed

+9
-9
lines changed


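--- a/models/jwt/JwtService.cfc
+++ b/models/jwt/JwtService.cfc
@@ -247,7 +247,7 @@ component accessors="true" singleton {
 
 // Verify it
 if ( isNull( oUser ) || !len( oUser.getId() ) ) {
-// Announce the creation
+// Announce the invalid user
 variables.interceptorService.processState(
 "cbSecurity_onJWTInvalidUser",
 {
@@ -270,7 +270,7 @@ component accessors="true" singleton {
 .getContext()
 .setPrivateValue( variables.settings.prcUserVariable, oUser );
 
-// Announce the creation
+// Announce the valid authentication
 variables.interceptorService.processState(
 "cbSecurity_onJWTValidAuthentication",
 {
@@ -297,7 +297,7 @@ component accessors="true" singleton {
 // Invalidate the token, decode it first and use the jti claim
 var results = getTokenStorage().clear( this.decode( arguments.token ).jti );
 
-// Announce the creation
+// Announce the token invalidation
 variables.interceptorService.processState(
 "cbSecurity_onJWTInvalidation",
 { token : arguments.token }
@@ -364,7 +364,7 @@ component accessors="true" singleton {
 );
 }
 
-// Announce the creation
+// Announce the invalid claims
 variables.interceptorService.processState(
 "cbSecurity_onJWTInvalidClaims",
 {
@@ -387,7 +387,7 @@ component accessors="true" singleton {
 variables.log.warn( "Token rejected, it has expired", decodedToken );
 }
 
-// Announce the creation
+// Announce the token expiration
 variables.interceptorService.processState(
 "cbSecurity_onJWTExpiration",
 {
@@ -400,12 +400,12 @@ component accessors="true" singleton {
 }
 
 // Verify that this token has not been invalidated in the storage?
-if ( !getTokenStorage().exists( decodedToken.jti ) ) {
+if ( !getTokenStorage().exists( decodedToken.jti ) && variables.settings.jwt.tokenStorage.enabled ) {
 if ( variables.log.canWarn() ) {
 variables.log.warn( "Token rejected, it was not found in token storage", decodedToken );
 }
 
-// Announce the creation
+// Announce the rejection, token not found in storage
 variables.interceptorService.processState(
 "cbSecurity_onJWTStorageRejection",
 {
@@ -424,7 +424,7 @@ component accessors="true" singleton {
 // Log
 if ( variables.log.canDebug() ) {
 variables.log.debug(
-"Token is valid, not expired and found in storage, inflating to PRC",
+"Token is valid, not expired and found in (enabled) storage, inflating to PRC",
 decodedToken
 );
 }
@@ -435,7 +435,7 @@ component accessors="true" singleton {
 .setPrivateValue( "jwt_token", jwtToken )
 .setPrivateValue( "jwt_payload", decodedToken );
 
-// Announce the creation
+// Announce the valid parsing
 variables.interceptorService.processState(
 "cbSecurity_onJWTValidParsing",
 {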
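Review bot: In the hunk at line 403 the storage lookup still runs before the enabled flag is read, so a disabled storage is still queried (and may raise) on every request; put the flag first so the condition short-circuits: `if ( variables.settings.jwt.tokenStorage.enabled && !getTokenStorage().exists( decodedToken.jti ) ) {`. With storage disabled this check is the only place a revoked token would be caught, so the `clear()` call at line 298 presumably no longer stops an invalidated token from being accepted until it expires; that trade-off deserves a comment at the check, e.g. `// Storage disabled: tokens cannot be revoked, only expire`. The debug message at line 427 still reports the token as found in storage when no lookup decided the outcome, which will mislead anyone auditing the logs. The enclosing functions start and end outside the hunks shown.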
