From e7a7b946beb3a237f964382c38b9ef7de8641003 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Fri, 14 Oct 2016 21:29:09 -0400
Subject: [PATCH] suppress logs for bad security token

---
 src/Api/Utilities/ExceptionHandlerFilterAttribute.cs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Api/Utilities/ExceptionHandlerFilterAttribute.cs b/src/Api/Utilities/ExceptionHandlerFilterAttribute.cs
index c91b8869e2..463be6a557 100644
--- a/src/Api/Utilities/ExceptionHandlerFilterAttribute.cs
+++ b/src/Api/Utilities/ExceptionHandlerFilterAttribute.cs
@@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Filters;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Microsoft.IdentityModel.Tokens;
 
 namespace Bit.Api.Utilities
 {
@@ -46,11 +47,15 @@ namespace Bit.Api.Utilities
                 errorModel.Message = "Resource not found.";
                 context.HttpContext.Response.StatusCode = 404;
             }
+            else if(exception is SecurityTokenValidationException)
+            {
+                errorModel.Message = "Invalid token.";
+                context.HttpContext.Response.StatusCode = 403;
+            }
             else
             {
                 var logger = context.HttpContext.RequestServices.GetRequiredService<ILogger<ExceptionHandlerFilterAttribute>>();
                 logger.LogError(0, exception, exception.Message);
-                logger.LogError(0, exception, exception.Message);
 
                 errorModel.Message = "An unhandled server error has occured.";
                 context.HttpContext.Response.StatusCode = 500;