Fixing returning err_msg with enforcer fail

src/scitokens_internal.h

@@ -554,7 +554,7 @@ class Enforcer {
             m_validator.verify(scitoken);
             return true;
         } catch (std::runtime_error &) {
-            return false;
+            throw;
         }
     }
 

test/main.cpp

@@ -254,6 +254,49 @@ TEST_F(SerializeTest, FailVerifyATJWTTest) {
     ASSERT_FALSE(rv == 0);
 }
 
+TEST_F(SerializeTest, EnforcerTest) {
+    /*
+    * Test that the enforcer works and returns an err_msg
+    */
+    char *err_msg = nullptr;
+
+    auto rv = scitoken_set_claim_string(m_token.get(), "aud",
+                "https://demo.scitokens.org/", &err_msg);
+    ASSERT_TRUE(rv == 0);
+
+    std::vector<const char *> audiences_array;
+    audiences_array.push_back("https://demo.scitokens.org/");
+    audiences_array.push_back(nullptr);
+
+    auto enforcer = enforcer_create("https://demo.scitokens.org/gtest", &audiences_array[0], &err_msg);
+    ASSERT_TRUE(enforcer != nullptr);
+
+    Acl acl;
+    acl.authz = "read";
+    acl.resource = "/stuff";
+
+    rv = scitoken_set_claim_string(m_token.get(), "scope",
+                "read:/blah", &err_msg);
+    ASSERT_TRUE(rv == 0);
+
+    rv = scitoken_set_claim_string(m_token.get(), "ver",
+                "scitoken:2.0", &err_msg);
+    ASSERT_TRUE(rv == 0);
+
+    char *token_value = nullptr;
+    rv = scitoken_serialize(m_token.get(), &token_value, &err_msg);
+    ASSERT_TRUE(rv == 0);
+    std::unique_ptr<char, decltype(&free)> token_value_ptr(token_value, free);
+
+    rv = scitoken_deserialize_v2(token_value, m_read_token.get(), nullptr, &err_msg);
+    ASSERT_TRUE(rv == 0);
+
+    rv = enforcer_test(enforcer, m_read_token.get(), &acl, &err_msg);
+    ASSERT_STREQ(err_msg, "token verification failed: 'scope' claim verification failed.");
+    ASSERT_TRUE(rv == -1) << err_msg;
+
+}
+
 }
 
 int main(int argc, char **argv) {