From 6f862c83636a426cfe08b86fb94631dcfd7c5430 Mon Sep 17 00:00:00 2001
From: Daniel McKnight
Date: Fri, 20 Dec 2024 17:52:59 -0800
Subject: [PATCH] Catch and log errors when an old/invalid JWT token is parsed
---
 neon_hana/auth/client_manager.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/neon_hana/auth/client_manager.py b/neon_hana/auth/client_manager.py
index 7a5f7b1..cc7b83c 100644
--- a/neon_hana/auth/client_manager.py
+++ b/neon_hana/auth/client_manager.py
@@ -35,6 +35,7 @@
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from jwt import DecodeError, ExpiredSignatureError
 from ovos_utils import LOG
+from pydantic import ValidationError
 from token_throttler import TokenThrottler, TokenBucket
 from token_throttler.storage import RuntimeStorage
@@ -363,6 +364,8 @@ def validate_auth(self, token: str, origin_ip: str) -> bool:
 username=auth.sub, client_id=auth.client_id, access_token=token, refresh_token="", expiration=auth.exp)
 return True
+ except ValidationError:
+ LOG.error(f"Invalid token data received from {origin_ip}.")
 except DecodeError:
 # Invalid token supplied
 pass
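Review bot: The new `except ValidationError:` branch in `validate_auth` discards the exception, so the log line cannot distinguish an old-schema token from one carrying unexpected claims. Bind the exception and log only the failing field locations, never the values, so token claims stay out of the logs: `except ValidationError as e:` followed by `LOG.error(f"Invalid token data received from {origin_ip!r}: {[err['loc'] for err in e.errors()]}")`. The `!r` matters if `origin_ip` can be derived from a forwarded header, which is not visible here; a raw interpolation would then let a caller place line breaks into the log record. The function body starts and continues outside the hunk, so it is worth confirming that this branch, which has no explicit `return`, falls through to a `False` result as the `DecodeError` branch presumably does.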