500 Response on jwt.exception.ExpiredSignatureError

## Describe the bug

When using the `oauth_router`, the `state` jwt token has an expiration time. 
When the callback tries to call the `callback` endpoint with an expired state token, an Internal Server Error (500) is thrown because the `jwt.ExpiredSignatureError` is thrown, however only the `jwt.DecodeError` case is handled in the code.

## To Reproduce

1. Call the `oauth_routers` `/authorize` endpoint.
2. Wait for the `state` token to expire.
3. Call the `/callback` with an otherwise valid request (except for an expired token).
4. See error

## Expected behavior
When calling the `callback` endpoint with an Invalid token:
`400 BAD REQUEST` or similar,  should be the response instead of `500` 

## Solution Proposal

Catch `jwt.InvalidTokenError` instead of just `jwt.DecodeError`.



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

500 Response on jwt.exception.ExpiredSignatureError #1462

Describe the bug

To Reproduce

Expected behavior

Solution Proposal

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

500 Response on jwt.exception.ExpiredSignatureError #1462

Description

Describe the bug

To Reproduce

Expected behavior

Solution Proposal

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions