From 9eccc40eb6dabedc8c16013a02a7a502d5bcafee Mon Sep 17 00:00:00 2001
From: Jakub Filla <jakub.filla@wavevision.cz>
Date: Wed, 22 Jun 2016 12:38:03 +0200
Subject: [PATCH] Added catch Runtime exception when parsing JWT string

---
 .../BearerTokenValidator.php                  |  3 +++
 .../ResponseTypes/BearerResponseTypeTest.php  | 27 +++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/src/AuthorizationValidators/BearerTokenValidator.php b/src/AuthorizationValidators/BearerTokenValidator.php
index 88034750..78f2b47c 100644
--- a/src/AuthorizationValidators/BearerTokenValidator.php
+++ b/src/AuthorizationValidators/BearerTokenValidator.php
@@ -77,6 +77,9 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
         } catch (\InvalidArgumentException $exception) {
             // JWT couldn't be parsed so return the request as is
             throw OAuthServerException::accessDenied($exception->getMessage());
+        } catch(\RuntimeException $exception){
+            //JWR couldn't be parsed so return the request as is
+            throw OAuthServerException::accessDenied('Error while decoding to JSON');
         }
     }
 }
diff --git a/tests/ResponseTypes/BearerResponseTypeTest.php b/tests/ResponseTypes/BearerResponseTypeTest.php
index 6c84e148..59955397 100644
--- a/tests/ResponseTypes/BearerResponseTypeTest.php
+++ b/tests/ResponseTypes/BearerResponseTypeTest.php
@@ -226,4 +226,31 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
             );
         }
     }
+    
+    public function testDetermineMissingBearerInHeader()
+    {
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+
+        $responseType = new BearerTokenResponse($accessTokenRepositoryMock);
+        $responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
+        $responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
+
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+
+        $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
+        $authorizationValidator->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
+        $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
+
+        $request = new ServerRequest();
+        $request = $request->withHeader('authorization', 'Bearer blah.blah.blah');
+
+        try {
+            $authorizationValidator->validateAuthorization($request);
+        } catch (OAuthServerException $e) {
+            $this->assertEquals(
+                'Error while decoding to JSON',
+                $e->getHint()
+            );
+        }
+    }
 }