From 7b406e89e422938654dc5c2e05f8bddca1fd2057 Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@users.noreply.github.com>
Date: Mon, 25 Jun 2018 10:07:43 -0500
Subject: [PATCH] Fixes in decoder

---
 .../security/oauth2/jwt/NimbusJwkReactiveJwtDecoder.java | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwkReactiveJwtDecoder.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwkReactiveJwtDecoder.java
index 1f68843ede..3ec9e37511 100644
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwkReactiveJwtDecoder.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwkReactiveJwtDecoder.java
@@ -102,7 +102,7 @@ public final class NimbusJwkReactiveJwtDecoder implements ReactiveJwtDecoder {
 		if (jwt instanceof SignedJWT) {
 			return this.decode((SignedJWT) jwt);
 		}
-		return Mono.empty();
+		throw new JwtException("Unsupported algorithm of " + jwt.getHeader().getAlgorithm());
 	}
 
 	private JWT parse(String token) {
@@ -129,11 +129,8 @@ public final class NimbusJwkReactiveJwtDecoder implements ReactiveJwtDecoder {
 		try {
 			return this.jwtProcessor.process(parsedToken, new JWKContext(jwkList));
 		}
-		catch (BadJOSEException e) {
-			throw new RuntimeException(e);
-		}
-		catch (JOSEException e) {
-			throw new RuntimeException(e);
+		catch (BadJOSEException | JOSEException e) {
+			throw new JwtException("Failed to validate the token", e);
 		}
 	}