From 58b67294bd80f11626993ae9a05093fe89d74985 Mon Sep 17 00:00:00 2001
From: Antoine MARQUES <93318966+AntoineMarques@users.noreply.github.com>
Date: Fri, 12 Aug 2022 15:12:22 +0200
Subject: [PATCH] Don't fail on ID token expiration

This prevented from reading an expired token from cache and refreshing it. JWT_Exception didn't existed => replaced with UnexpectedValueException used by JWT. Catches ExpiredException and proceeds.
---
 src/Token/AccessToken.php | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/Token/AccessToken.php b/src/Token/AccessToken.php
index 7de80f9..83a5758 100644
--- a/src/Token/AccessToken.php
+++ b/src/Token/AccessToken.php
@@ -2,6 +2,7 @@
 namespace TheNetworg\OAuth2\Client\Token;
+use Firebase\JWT\ExpiredException;
 use Firebase\JWT\JWT;
 use InvalidArgumentException;
 use League\OAuth2\Client\Tool\RequestFactory;
@@ -37,13 +38,16 @@ public function __construct(array $options, $provider)
 // Then parse the idToken claims only without validating the signature
 $idTokenClaims = (array)JWT::jsonDecode(JWT::urlsafeB64Decode($tks[1]));
 }
- } catch (JWT_Exception $e) {
+
+ $provider->validateTokenClaims($idTokenClaims);
+ $this->idTokenClaims = $idTokenClaims;
+
+ } catch (ExpiredException $e) {
+ // ID token expired, but whatever ...
+
+ } catch (UnexpectedValueException $e) {
 throw new RuntimeException('Unable to parse the id_token!');
 }
-
- $provider->validateTokenClaims($idTokenClaims);
-
- $this->idTokenClaims = $idTokenClaims;
 }
 }
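Review bot: The import block gains `use Firebase\JWT\ExpiredException;` but nothing for `UnexpectedValueException`, which the second hunk names in `catch (UnexpectedValueException $e)`. Inside `namespace TheNetworg\OAuth2\Client\Token` an unqualified class name resolves to the current namespace, so unless a matching `use` exists below the visible imports that catch never matches, just as the old `JWT_Exception` one did not. JWT parse failures would then propagate unwrapped instead of becoming `RuntimeException('Unable to parse the id_token!')`. Add `use UnexpectedValueException;` to the import list, or write `\UnexpectedValueException` in the catch.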
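Review bot: The empty `catch (ExpiredException $e)` branch lets the constructor succeed with `$this->idTokenClaims` never assigned and `$provider->validateTokenClaims()` never run. Both statements now sit inside the `try`, after the point where the exception is presumably raised (the decode call is above the hunk, where the `try` begins). A caller cannot tell an expired ID token from a validated or absent one, so code that reads the claims for identity decisions gets no signal that expiry was tolerated. At minimum replace `// ID token expired, but whatever ...` with a comment saying the claims are deliberately left unset so a cached token can be refreshed, and must not be trusted until then. Consider recording the expired state on the object so callers can check it.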