From c359828381ee37ff46a6f6689e507c88c44113f1 Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Tue, 5 Nov 2024 15:28:49 +0100
Subject: [PATCH 1/9] catched invalid token
---
 dds_web/security/auth.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/dds_web/security/auth.py b/dds_web/security/auth.py
index 3d00023a6..40ada1d0d 100644
--- a/dds_web/security/auth.py
+++ b/dds_web/security/auth.py
@@ -14,6 +14,7 @@ import json
 import jwcrypto
 from jwcrypto import jwk, jwt
+from jwcrypto.jwe import InvalidJWEData
 import structlog
 # Own modules
@@ -370,7 +371,7 @@ def decrypt_token(token):
 # Decrypt token
 try:
 decrypted_token = jwt.JWT(key=key, jwt=token, expected_type="JWE")
- except ValueError as exc:
+ except (ValueError, InvalidJWEData) as exc:
 # "Token format unrecognized"
 raise AuthenticationError(message="Invalid token") from exc
From 274ff702a4d8967260267c48850c9bba81332376 Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Tue, 5 Nov 2024 15:31:53 +0100
Subject: [PATCH 2/9] sprintlog
---
 SPRINTLOG.md | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/SPRINTLOG.md b/SPRINTLOG.md
index e5316de21..1e57bff4a 100644
--- a/SPRINTLOG.md
+++ b/SPRINTLOG.md
@@ -450,3 +450,7 @@ _Nothing merged during this sprint_
 - Workflow: Bump GitHub checkout action to v4 ([#1556](https://github.com/ScilifelabDataCentre/dds_web/pull/1556))
 - Workflow: CodeQL action version(s) bumped to v3 ([#1569](https://github.com/ScilifelabDataCentre/dds_web/pull/1569))
 - Workflow: Setup-node, codecov and upload-sarif action versions bumped to v4, v4 and v3, respectively ([#1570](https://github.com/ScilifelabDataCentre/dds_web/pull/1570))
+
+# 2024-11-04 - 2024-11-15
+
+- Catch error of invalid token to avoid logging an exception in the logs ([#1572](https://github.com/ScilifelabDataCentre/dds_web/pull/1572))
From 2eacf8337a888d9a8c633e544a3910af35d0be4e Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Tue, 5 Nov 2024 15:41:39 +0100
Subject: [PATCH 3/9] general exception
---
 dds_web/security/auth.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/dds_web/security/auth.py b/dds_web/security/auth.py
index 40ada1d0d..19451e31d 100644
--- a/dds_web/security/auth.py
+++ b/dds_web/security/auth.py
@@ -371,8 +371,10 @@ def decrypt_token(token):
 # Decrypt token
 try:
 decrypted_token = jwt.JWT(key=key, jwt=token, expected_type="JWE")
- except (ValueError, InvalidJWEData) as exc:
- # "Token format unrecognized"
+ except (ValueError, jwcrypto.common.JWException) as exc:
+ # ValueError is raised when the token doesn't look right (for example no periods)
+ # jwcryopto.common.JWException is the base exception raised by jwcrypto,
+ # and is raised when the token is malformed or invalid.
 raise AuthenticationError(message="Invalid token") from exc
 return decrypted_token.claims
From cf3981b7df067857168d800931d66960f3c8355e Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Tue, 5 Nov 2024 15:43:06 +0100
Subject: [PATCH 4/9] ununsed package
---
 dds_web/security/auth.py | 1 -
 1 file changed, 1 deletion(-)
diff --git a/dds_web/security/auth.py b/dds_web/security/auth.py
index 19451e31d..55af5b102 100644
--- a/dds_web/security/auth.py
+++ b/dds_web/security/auth.py
@@ -14,7 +14,6 @@ import json
 import jwcrypto
 from jwcrypto import jwk, jwt
-from jwcrypto.jwe import InvalidJWEData
 import structlog
 # Own modules
From 53b65933f3ba70c4fd829e0f0a3f700539c60faa Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Thu, 7 Nov 2024 16:54:05 +0100
Subject: [PATCH 5/9] simpler solution
---
 dds_web/security/auth.py | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/dds_web/security/auth.py b/dds_web/security/auth.py
index 55af5b102..44f55f91f 100644
--- a/dds_web/security/auth.py
+++ b/dds_web/security/auth.py
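Review bot: The second line of the new comment in the decrypt_token handler misspells the package as `jwcryopto`; the intended text is `# jwcrypto.common.JWException is the base exception raised by jwcrypto,`, and the identical misspelling already sits in the matching handler of `__verify_general_token` further up the file, so both can be corrected in one pass. Referencing `jwcrypto.common.JWException` through the bare `import jwcrypto` only resolves because `from jwcrypto import jwk, jwt` has already loaded the submodule; `from jwcrypto.common import JWException` in the import block would make that dependency explicit. decrypt_token begins before this hunk.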
@@ -278,7 +278,6 @@ def __verify_general_token(token):
 # ValueError is raised when the token doesn't look right (for example no periods)
 # jwcryopto.common.JWException is the base exception raised by jwcrypto,
 # and is raised when the token is malformed or invalid.
- flask.current_app.logger.exception(e)
 raise AuthenticationError(message="Invalid token") from e
 expiration_time = data.get("exp")
@@ -370,10 +369,7 @@ def decrypt_token(token):
 # Decrypt token
 try:
 decrypted_token = jwt.JWT(key=key, jwt=token, expected_type="JWE")
- except (ValueError, jwcrypto.common.JWException) as exc:
- # ValueError is raised when the token doesn't look right (for example no periods)
- # jwcryopto.common.JWException is the base exception raised by jwcrypto,
- # and is raised when the token is malformed or invalid.
+ except ValueError as exc:
 raise AuthenticationError(message="Invalid token") from exc
 return decrypted_token.claims
From 4a1cef09c2ae708edf6923b0d970d3571cdc31ee Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Thu, 7 Nov 2024 17:06:45 +0100
Subject: [PATCH 6/9] log the exp as an error only printing the name for possible debug purposes
---
 SPRINTLOG.md | 2 +-
 dds_web/security/auth.py | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/SPRINTLOG.md b/SPRINTLOG.md
index 1e57bff4a..7b7f070ea 100644
--- a/SPRINTLOG.md
+++ b/SPRINTLOG.md
@@ -453,4 +453,4 @@ _Nothing merged during this sprint_
 # 2024-11-04 - 2024-11-15
-- Catch error of invalid token to avoid logging an exception in the logs ([#1572](https://github.com/ScilifelabDataCentre/dds_web/pull/1572))
+- Remove logging of the exception of incorrect token ([#1572](https://github.com/ScilifelabDataCentre/dds_web/pull/1572))
diff --git a/dds_web/security/auth.py b/dds_web/security/auth.py
index 44f55f91f..03c4c9ca9 100644
--- a/dds_web/security/auth.py
+++ b/dds_web/security/auth.py
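Review bot: With `flask.current_app.logger.exception(e)` removed, the handler in `__verify_general_token` no longer records anything, and the comment kept above it says `jwcrypto.common.JWException` is jwcrypto's base exception, so a server-side cause (for example a decryption key that no longer matches) is answered with the same client-facing `Invalid token` as a tampered or garbled token and leaves nothing server-side to investigate. Dropping the full traceback for a client-supplied bad token is reasonable, and a later patch in this series adds a warning carrying the exception class name, but that still does not separate the two cases. It would help to extend the comment with a line such as `# NOTE: key/configuration errors from jwcrypto also land here and are indistinguishable from a bad client token`, or to split them out if the try body lets you tell them apart. The try body and __verify_general_token itself start before this hunk.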
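Review bot: Narrowing decrypt_token's handler back to `except ValueError as exc:` means jwcrypto's own exceptions now escape decrypt_token untranslated; the handler in `__verify_general_token` in the first hunk covers `(ValueError, jwcrypto.common.JWException)` and would convert them if decrypt_token is called inside its try block, but that call is not visible in this hunk. That reliance deserves a comment on the except line, which the later "typo" patch in this series only partly supplies with `# "Token format unrecognized"`; a fuller version would be `# Only jwcrypto's ValueError("Token format unrecognized") is mapped here; its JWException subclasses are expected to be translated by the caller.`. decrypt_token and the key lookup it uses start before this hunk.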
@@ -278,6 +278,7 @@ def __verify_general_token(token):
 # ValueError is raised when the token doesn't look right (for example no periods)
 # jwcryopto.common.JWException is the base exception raised by jwcrypto,
 # and is raised when the token is malformed or invalid.
+ flask.current_app.logger.warning(f"Exception Name: {type(e).__name__}")
 raise AuthenticationError(message="Invalid token") from e
 expiration_time = data.get("exp")
From 1f391570058b5209575daaf9ee893d06b5daf3d3 Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Thu, 7 Nov 2024 17:07:47 +0100
Subject: [PATCH 7/9] typo
---
 SPRINTLOG.md | 2 +-
 dds_web/security/auth.py | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/SPRINTLOG.md b/SPRINTLOG.md
index 7b7f070ea..b9667dd8b 100644
--- a/SPRINTLOG.md
+++ b/SPRINTLOG.md
@@ -453,4 +453,4 @@ _Nothing merged during this sprint_
 # 2024-11-04 - 2024-11-15
-- Remove logging of the exception of incorrect token ([#1572](https://github.com/ScilifelabDataCentre/dds_web/pull/1572))
+- Fix logging of the exception of incorrect token ([#1572](https://github.com/ScilifelabDataCentre/dds_web/pull/1572))
diff --git a/dds_web/security/auth.py b/dds_web/security/auth.py
index 03c4c9ca9..efa52bc07 100644
--- a/dds_web/security/auth.py
+++ b/dds_web/security/auth.py
@@ -371,6 +371,7 @@ def decrypt_token(token):
 try:
 decrypted_token = jwt.JWT(key=key, jwt=token, expected_type="JWE")
 except ValueError as exc:
+ # "Token format unrecognized"
 raise AuthenticationError(message="Invalid token") from exc
 return decrypted_token.claims
From 8bd2ca96d682d0b9abe26034fbdb7537efd71c0a Mon Sep 17 00:00:00 2001
From: rv0lt
Date: Thu, 7 Nov 2024 17:08:33 +0100
Subject: [PATCH 8/9] typo
---
 dds_web/security/auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dds_web/security/auth.py b/dds_web/security/auth.py
index efa52bc07..99fbd32c9 100644
--- a/dds_web/security/auth.py
+++ b/dds_web/security/auth.py
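Review bot: The added warning builds its message eagerly with an f-string; `flask.current_app.logger` is a standard `logging.Logger`, so `flask.current_app.logger.warning("Error with Token operation: %s", type(e).__name__)` defers formatting and keeps the message text constant for log filtering (this uses the wording the later "typo" patch settles on, which rewrites the same line and has the same point). Logging only the exception class is the right choice here, since the token value itself never reaches the log. The entry carries no request context, so a run of failures cannot be attributed to a single client from this line alone; if the handler has access to the request, recording that at the same level would make the warning usable for correlation. __verify_general_token starts before this hunk.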
@@ -278,7 +278,7 @@ def __verify_general_token(token):
 # ValueError is raised when the token doesn't look right (for example no periods)
 # jwcryopto.common.JWException is the base exception raised by jwcrypto,
 # and is raised when the token is malformed or invalid.
- flask.current_app.logger.warning(f"Exception Name: {type(e).__name__}")
+ flask.current_app.logger.warning(f"Error with Token operation: {type(e).__name__}")
 raise AuthenticationError(message="Invalid token") from e
 expiration_time = data.get("exp")
From d60dab30f329ec8cf525aab4e93228b56aa194cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=81lvaro=20Revuelta?= <46089290+rv0lt@users.noreply.github.com>
Date: Wed, 13 Nov 2024 13:06:40 +0100
Subject: [PATCH 9/9] Update SPRINTLOG.md
Co-authored-by: Valentin Georgiev
---
 SPRINTLOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SPRINTLOG.md b/SPRINTLOG.md
index b9667dd8b..968b1645c 100644
--- a/SPRINTLOG.md
+++ b/SPRINTLOG.md
@@ -453,4 +453,4 @@ _Nothing merged during this sprint_
 # 2024-11-04 - 2024-11-15
-- Fix logging of the exception of incorrect token ([#1572](https://github.com/ScilifelabDataCentre/dds_web/pull/1572))
+- Removed exception for invalid token to simplify logging and reduce unnecessary error entries ([#1572](https://github.com/ScilifelabDataCentre/dds_web/pull/1572))