def validateToken()

in app/auth/BearerTokenAuth.scala [143:176]

• 34 lines of code
• 10 McCabe index (conditional complexity)

  def validateToken(token:LoginResultOK[String]):Either[LoginResult,LoginResultOK[JWTClaimsSet]] = {
    logger.debug(s"validating token $token")
    Try {
      SignedJWT.parse(token.content)
    } match {
      case Success(signedJWT) =>
        if ((System.currentTimeMillis / 1000) - loadTime > config.get[Int]("auth.keyTimeOut")) {
          logger.debug(s"Keys too old. Attempting key refresh.")
          maybeVerifiers = loadInKey() match {
            case Failure(err)=>
              if(!sys.env.contains("CI")) logger.warn(s"Could not load keys. Error was ${err.getMessage}")
              None
            case Success(jwk)=>
              Some(jwk)
          }
        }
        getVerifier(Option(signedJWT.getHeader.getKeyID)) match {
          case Some(verifier)=>
            if (signedJWT.verify(verifier)) {
              logger.debug("verified JWT")
              logger.debug(s"${signedJWT.getJWTClaimsSet.toJSONObject(true).toString}")
              Right(LoginResultOK(signedJWT.getJWTClaimsSet))
            } else {
              Left(LoginResultInvalid(token.content))
            }
          case None =>
            logger.error(s"No signing certificate could be found. There are ${maybeVerifiers.map(_.getKeys.toArray.length).getOrElse(0)} configured keys from location '$signingCertPath'")
            Left(LoginResultMisconfigured("No signing cert configured"))
        }
      case Failure(err) =>
        logger.error(s"Failed to validate token for ${token.content}: ${err.getMessage}")
        Left(LoginResultInvalid(token.content))
    }
  }