fail silently when token type is missing if there is no crypto payload.

codingchili · May 1, 2018 · 4b5c209 · 4b5c209
1 parent 0f9ac03
commit 4b5c209
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/build.gradle b/build.gradle
@@ -2,7 +2,7 @@ apply plugin: 'java'
 apply plugin: 'idea'
 apply plugin: 'maven'
 
-project.version = "1.0.34-SNAPSHOT"
+project.version = "1.0.35-SNAPSHOT"
 project.group = 'com.github.codingchili.chili-core'
 
 subprojects {

diff --git a/core/main/java/com/codingchili/core/security/TokenFactory.java b/core/main/java/com/codingchili/core/security/TokenFactory.java
@@ -60,7 +60,8 @@ public boolean verify(Token token) {
                             .send(String.format("Token algorithm '%s' - not enabled/trusted.", algorithm));
                     return false;
                 }
-            } else {
+                // only log an error if the token is secured and type is missing.
+            } else if (token.getKey() != null) {
                 logger.event("token.verify", Level.WARNING)
                         .send(String.format("Token is missing property '%s' - unable to verify.", CRYPTO_TYPE));
             }