Throw if IsSkillClaim and claimsValidator is null (#2761) (#2764)

EricDahlvang · web-flow · commit 37c938ce08b2 · 2020-09-04T09:38:39.000-07:00
diff --git a/libraries/botframework-connector/src/auth/jwtTokenValidation.ts b/libraries/botframework-connector/src/auth/jwtTokenValidation.ts
@@ -132,6 +132,9 @@ export namespace JwtTokenValidation {
         if (authConfig.validateClaims) {
             // Call the validation method if defined (it should throw an exception if the validation fails)
             await authConfig.validateClaims(claims);
+        } else if (SkillValidation.isSkillClaim(claims)) {
+            // Skill claims must be validated using AuthenticationConfiguration validateClaims
+            throw new AuthenticationError('Unauthorized Access. Request is not authorized. Skill Claims require validation.', StatusCodes.UNAUTHORIZED); 
         }
     }
 

Original file line number	Diff line number	Diff line change
`@@ -132,6 +132,9 @@ export namespace JwtTokenValidation {`
`132`	`132`	`if (authConfig.validateClaims) {`
`133`	`133`	`// Call the validation method if defined (it should throw an exception if the validation fails)`
`134`	`134`	`await authConfig.validateClaims(claims);`
	`135`	`+ } else if (SkillValidation.isSkillClaim(claims)) {`
	`136`	`+ // Skill claims must be validated using AuthenticationConfiguration validateClaims`
	`137`	`+ throw new AuthenticationError('Unauthorized Access. Request is not authorized. Skill Claims require validation.', StatusCodes.UNAUTHORIZED);`
`135`	`138`	`}`
`136`	`139`	`}`
`137`	`140`