
JWT Token Validation Security Bypass#305

Open
annrose2277-glitch wants to merge 1 commit into
ProdigyV21:mainfrom
annrose2277-glitch:bug

Conversation


@annrose2277-glitch annrose2277-glitch commented Jun 3, 2026

[SECURITY] Fix JWT Token Validation Vulnerability in Authentication

🚨 Security Issue

JWT token validation in AuthRepository.isJwtExpired() has a critical security flaw that could allow invalid or malformed tokens to bypass authentication checks.

📝 Description

The isJwtExpired() function performs JWT expiration validation but has several security gaps:
closes #298

  1. Missing Structure Validation: Function does not verify JWT has exactly 3 parts (header.payload.signature)
  2. Incomplete Expiration Check: Tokens with exp: 0 or negative expiration values are not explicitly rejected
  3. Generic Exception Handling: All parsing errors return true without distinguishing between critical and non-critical failures
  4. Silent Failures: No logging of potential security incidents

Vulnerable Code

```kotlin
// Imports the snippet relies on (Android Base64, org.json, kotlinx-datetime)
import android.util.Base64
import org.json.JSONObject
import kotlinx.datetime.Clock

// Current implementation (Lines 747-769)
private fun isJwtExpired(token: String, bufferSeconds: Long = 60): Boolean {
    return try {
        val parts = token.split(".")
        if (parts.size < 2) return true  // ❌ Should be exactly 3
        // Decode the payload segment (base64url, no padding, single line)
        val payload = String(
            Base64.decode(parts[1], Base64.URL_SAFE or Base64.NO_PADDING or Base64.NO_WRAP),
            Charsets.UTF_8
        )
        val json = JSONObject(payload)
        // ❌ Missing: if (!json.has("exp")) return true
        val exp = json.getLong("exp")
        // ❌ Missing: if (exp <= 0L) return true
        val now = Clock.System.now().epochSeconds
        // Treat the token as expired once it is within bufferSeconds of its exp
        exp <= now + bufferSeconds
    } catch (e: Exception) {
        true  // ❌ No logging of parsing errors
    }
}
```
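The hardened form of the check described above, written in Python as an added example (not the project's Kotlin code) so that each of the four gaps can be exercised against constructed tokens; the `_make_token` helper and the injectable `now` parameter are assumptions made for testing. Like the original, it only reads the `exp` claim and never verifies the signature, so it can decide when a client should refresh a token, not whether a token is trustworthy.

```python
import base64
import json
import logging
from typing import Optional
import time

log = logging.getLogger("auth")


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore padding before decoding.
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def is_jwt_expired(token: str, buffer_seconds: int = 60, now: Optional[int] = None) -> bool:
    """True when the token must be treated as expired or unusable.

    Hardened checks: exactly three segments, a present and positive 'exp'
    claim, and every parse failure logged instead of silently swallowed.
    """
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:  # header.payload.signature, nothing else
        log.warning("JWT rejected: expected 3 segments, got %d", len(parts))
        return True
    try:
        payload = json.loads(_b64url_decode(parts[1]))
    except ValueError as e:  # covers binascii.Error, JSONDecodeError, UnicodeDecodeError
        log.warning("JWT rejected: payload not decodable (%s)", type(e).__name__)
        return True
    if not isinstance(payload, dict) or "exp" not in payload:
        log.warning("JWT rejected: missing 'exp' claim")
        return True
    exp = payload["exp"]
    # NumericDate must be a positive number; bool is excluded because it is an int subclass
    if isinstance(exp, bool) or not isinstance(exp, (int, float)) or exp <= 0:
        log.warning("JWT rejected: invalid 'exp' value %r", exp)
        return True
    return exp <= now + buffer_seconds  # still expired if inside the buffer window


def _make_token(claims) -> str:
    """Build an UNSIGNED token with the given payload (constructed test data only)."""
    enc = lambda b: base64.urlsafe_b64encode(b).rstrip(b"=").decode()
    header = enc(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    return f"{header}.{enc(json.dumps(claims).encode())}.sig"
```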


Development

Successfully merging this pull request may close these issues.

JWT Token Validation Security Bypass
