Open AntoineMarques opened 1 year ago
I agree that this can be skipped, especially when retrieving token from cache. I don't think that removing this will have any big impact on security of this library, since token for API scenarios is being validated elsewhere. I will walk through the code once more, just to be very sure but I think it should be fine to merge.
This prevented from reading an expired token from cache and refreshing it. JWT_Exception didn't existed => replaced with UnexpectedValueException used by JWT. Catches ExpiredException and proceeds.