From d650defa089cb51b35459057fe41d72d5418d460 Mon Sep 17 00:00:00 2001
From: Nicola Murino <nicola.murino@gmail.com>
Date: Sat, 15 Jun 2024 16:19:37 +0200
Subject: [PATCH] remove duplicated jwt tokens validation

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
---
 internal/httpd/middleware.go | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/internal/httpd/middleware.go b/internal/httpd/middleware.go
index 38fa0508..79d09ecc 100644
--- a/internal/httpd/middleware.go
+++ b/internal/httpd/middleware.go
@@ -23,7 +23,6 @@ import (
 	"strings"
 
 	"github.com/go-chi/jwtauth/v5"
-	"github.com/lestrrat-go/jwx/v2/jwt"
 	"github.com/rs/xid"
 	"github.com/sftpgo/sdk"
 
@@ -75,12 +74,6 @@ func validateJWTToken(w http.ResponseWriter, r *http.Request, audience tokenAudi
 		return errInvalidToken
 	}
 
-	err = jwt.Validate(token)
-	if err != nil {
-		logger.Debug(logSender, "", "error validating jwt token: %v", err)
-		doRedirect(http.StatusText(http.StatusUnauthorized), err)
-		return errInvalidToken
-	}
 	if isTokenInvalidated(r) {
 		logger.Debug(logSender, "", "the token has been invalidated")
 		doRedirect("Your token is no longer valid", nil)
@@ -112,7 +105,7 @@ func (s *httpdServer) validateJWTPartialToken(w http.ResponseWriter, r *http.Req
 	} else {
 		notFoundFunc = s.renderClientNotFoundPage
 	}
-	if err != nil || token == nil || jwt.Validate(token) != nil {
+	if err != nil || token == nil {
 		notFoundFunc(w, r, nil)
 		return errInvalidToken
 	}