Add self resouce provider

src/oidc_test/resource_server.py

@@ -2,6 +2,7 @@ from datetime import datetime
 import logging
 
 from httpx import AsyncClient
+from jwt.exceptions import ExpiredSignatureError, InvalidTokenError
 
 from .models import User
 
@@ -22,15 +23,20 @@ async def get_resource(resource_id: str, user: User) -> dict:
     # but this has to be refined for production
     required_scope = f"get:{resource_id}"
     # Check if the required scope is in the scopes allowed in userinfo
-    if user.has_scope(required_scope):
-        await process(user, resource_id, resp)
-    else:
-        ## For the showcase, giving a explanation.
-        ## Alternatively, raise HTTP_401_UNAUTHORIZED
-        resp["sorry"] = (
-            f"No scope {required_scope} in the access token "
-            + "but it is required for accessing this resource."
-        )
+    try:
+        if user.has_scope(required_scope):
+            await process(user, resource_id, resp)
+        else:
+            ## For the showcase, giving a explanation.
+            ## Alternatively, raise HTTP_401_UNAUTHORIZED
+            resp["sorry"] = (
+                f"No scope {required_scope} in the access token "
+                + "but it is required for accessing this resource."
+            )
+    except ExpiredSignatureError:
+        resp["sorry"] = "The token's signature has expired"
+    except InvalidTokenError:
+        resp["sorry"] = "The token is invalid"
     return resp