Update enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect…

…/enforcer/security/jwt/JWTAuthenticator.java Co-authored-by: Malintha Amarasinghe <[email protected]>
wso2 · Jan 8, 2024 · 340b7f1 · 340b7f1
1 parent b58e66a
commit 340b7f1
Showing 1 changed file with 3 additions and 6 deletions.
diff --git a/...nforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java b/...nforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java
@@ -416,16 +416,13 @@ private void checkTokenEnvAgainstDeploymentType(String keyType, APIConfig matche
         if (System.getenv("DEPLOYMENT_TYPE_ENFORCED") != null
                 && System.getenv("DEPLOYMENT_TYPE_ENFORCED").equalsIgnoreCase("false")
                 && keyType.equalsIgnoreCase(APIConstants.JwtTokenConstants.PRODUCTION_KEY_TYPE)) {
-            log.info("Deprecated: Production access token is used to access sandbox API deployment in " +
-                    "organization : " +  matchedAPI.getOrganizationId());
-            if (!prodTokenNonProdAllowedOrgs.isEmpty()) {
-                if (prodTokenNonProdAllowedOrgs.contains(matchedAPI.getOrganizationId())) {
-                    return;
-                }
+            if (!prodTokenNonProdAllowedOrgs.isEmpty() && !prodTokenNonProdAllowedOrgs.contains(matchedAPI.getOrganizationId())) {
                 throw new APISecurityException(APIConstants.StatusCodes.UNAUTHORIZED.getCode(),
                         APISecurityConstants.API_AUTH_INVALID_ENVIRONMENT,
                         APISecurityConstants.API_AUTH_INVALID_ENVIRONMENT_ERROR_MESSAGE);
             }
+            log.info("Deprecated: Production access token is used to access sandbox API deployment in " +
+                    "organization : " +  matchedAPI.getOrganizationId());
             return;
         }