TsgcHTTP_JWT_Server.OnJWTException
Click here to see this page in full context

TsgcHTTP_JWT_ServerEvents › OnJWTException

OnJWTException Event

Fired when an exception is raised while decoding or validating the token so the application can log the error.

Syntax

property OnJWTException: TsgcHTTPJWTExceptionEvent;
// TsgcHTTPJWTExceptionEvent = procedure(Sender: TObject; aConnection: TsgcWSConnection; E: Exception) of object

Default Value

Unassigned — the exception is swallowed silently and IsJWTTokenValid returns False.

Remarks

Fires from the exception handler inside IsJWTTokenValid whenever the pipeline raises: malformed token that cannot be split, unsupported algorithm in the header, OpenSSL / HMAC error, etc. E is the exception instance (do not free it) and E.Message carries the reason. Use this hook to log validation failures; the exception is not re-raised, so the server continues to serve other requests normally and the current request will follow the Unauthorized path.

Example


procedure TMyForm.sgcJWTException(Sender: TObject;
  aConnection: TsgcWSConnection; E: Exception);
begin
  Log('JWT validation failed: ' + E.ClassName + ' - ' + E.Message);
end;

Back to Events