chore: better warning/debug messages on failing signature validations

Author: peppelinux

src/cryptojwt/jws/jws.py

@@ -226,14 +226,13 @@ def verify_compact_verbose(self, jws=None, keys=None, allow_none=False, sigalg=N
                 _key = key.key
 
             try:
-                if not verifier.verify(jwt.sign_input(), jwt.signature(), _key):
-                    continue
+                verifier.verify(jwt.sign_input(), jwt.signature(), _key)
             except (BadSignature, IndexError):
-                pass
+                logger.warning(f'BadSignature caught with {jwt}: "{err}"')
             except (ValueError, TypeError) as err:
-                logger.warning('Exception "{}" caught'.format(err))
+                logger.warning(f'Exception with {jwt.headers}: "{err}"')
             else:
-                logger.debug("Verified message using key with kid=%s" % key.kid)
+                logger.debug(f"Verified message using key with kid={key.kid}")
                 self.msg = jwt.payload()
                 self.key = key
                 self._protected_headers = jwt.headers.copy()

src/cryptojwt/jwt.py

@@ -374,8 +374,8 @@ def unpack(self, token):
         else:
             _msg_cls = self.iss2msg_cls.get(_info["iss"], None)
             if not _msg_cls:
-                LOGGER.warning(
-                    "Exception unpacking a received JWT "
+                LOGGER.debug(
+                    "both msg_cls and iss2msg are None "
                     f"for the issuer {_info['iss']}"
                 )