Revamp error handling

app/src/middleware/authorization.js

@@ -20,26 +20,35 @@ module.exports = {
 
     if (getConfigBoolean('keycloak.enabled')) {
       const authorization = req.get('Authorization');
+      if (!authorization || !authorization.startsWith('Bearer ')) {
+        return new Problem(401, {
+          detail: 'An authorization header of the format "Bearer {token}" is required'
+        }).send(res);
+      }
       const bearerToken = authorization.substring(7);
 
-      if (config.has('keycloak.publicKey')) {
+      try {
         const publicKey = config.get('keycloak.publicKey');
         const pemKey = publicKey.startsWith('-----BEGIN') ? publicKey : _spkiWrapper(publicKey);
 
-        try {
-          jwt.verify(bearerToken, pemKey, {
-            issuer: `${config.get('keycloak.serverUrl')}/realms/${config.get('keycloak.realm')}`
-          });
+        jwt.verify(bearerToken, pemKey, {
+          issuer: `${config.get('keycloak.serverUrl')}/realms/${config.get('keycloak.realm')}`
+        });
+        next();
 
-          next();
-        } catch (err) {
+      } catch (err) {
+        if (err instanceof jwt.JsonWebTokenError || err instanceof jwt.TokenExpiredError || err instanceof jwt.NotBeforeError) {
           return new Problem(401, {
             detail: err.message
           }).send(res);
         }
-
-      } else {
-        throw new Error('OIDC environment variable KC_PUBLICKEY or keycloak.publicKey must be defined');
+        else {
+          if (!config.has('keycloak.publicKey')) {
+            throw new Error('OIDC environment variable KC_PUBLICKEY or keycloak.publicKey must be defined');
+          } else {
+            throw(err);
+          }
+        }
       }
 
     } else {