From 495017c4045ffde778c4d68817e0f025c915a2e2 Mon Sep 17 00:00:00 2001
From: clauspeterhuebner
Date: Tue, 1 Jul 2025 18:46:08 +0200
Subject: [PATCH] remove unnecessary checks after decryptAndVerify
---
backend/src/auth/jwt/JWT.ts | 4 ++--
.../src/graphql/api/1_0/resolver/AuthenticationResolver.ts | 2 ++
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/backend/src/auth/jwt/JWT.ts b/backend/src/auth/jwt/JWT.ts
index d544d7f7d..be1adf790 100644
--- a/backend/src/auth/jwt/JWT.ts
+++ b/backend/src/auth/jwt/JWT.ts
@@ -12,7 +12,7 @@ import { EncryptedJWEJwtPayloadType } from './payloadtypes/EncryptedJWEJwtPayloa
export const createKeyPair = async (): Promise<{ publicKey: string; privateKey: string }> => {
// Generate key pair using jose library
const keyPair = await generateKeyPair('RS256');
- logger.debug(`Federation: writeJwtKeyPairInHomeCommunity generated keypair=`, keyPair);
+ logger.debug(`Federation: writeJwtKeyPairInHomeCommunity generated keypair...`);
// Convert keys to PEM format for storage in database
const publicKeyPem = await exportSPKI(keyPair.publicKey);
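Review bot: The debug message on the added line still carries the prefix `Federation: writeJwtKeyPairInHomeCommunity` although it is emitted from `createKeyPair`, which makes log correlation misleading. Something like `logger.debug('JWT.createKeyPair: generated key pair')` would match the function, and a plain string literal is enough because the template has no interpolation. The function body continues outside the hunk.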
@@ -47,7 +47,7 @@ export const verify = async (token: string, publicKey: string): Promise => {
logger.debug('JWT.encode... payload=', payload)
- logger.debug('JWT.encode... privatekey=', privatekey)
+ logger.debug('JWT.encode... privatekey=', privatekey.substring(0, 10))
try {
const importedKey = await importPKCS8(privatekey, 'RS256')
const secret = typeof importedKey === 'string'
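Review bot: `privatekey.substring(0, 10)` on the added debug line still ties log output to the content of the private key. Since the value is passed to `importPKCS8` two lines later it is presumably PEM, so the ten characters would be the constant `-----BEGIN` prefix and carry no diagnostic value; if a caller ever passes a key without the PEM armor, the same line would write key bytes to the log. Dropping the argument, e.g. `logger.debug('JWT.encode... privatekey=<redacted>')`, avoids both. The context line above also logs the full `payload` at debug level, which is worth checking for sensitive claims. The enclosing function starts and ends outside the hunk.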
diff --git a/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts b/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts
index d7b17db91..9a64d9664 100644
--- a/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts
+++ b/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts
@@ -52,6 +52,7 @@ export class AuthenticationResolver {
if (openConnectionJwtPayload.tokentype !== OpenConnectionJwtPayloadType.OPEN_CONNECTION_TYPE) {
throw new LogError(`invalid tokentype of community with publicKey`, pubKeyBuf.toString('hex'))
}
+ /*
if (openConnectionJwtPayload.expiration < new Date().toISOString()) {
throw new LogError(`invalid expiration of community with publicKey`, pubKeyBuf.toString('hex'))
}
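Review bot: The `/*` added here and the `*/` added in the next hunk (after the audience check) disable the expiration and audience checks, plus whatever lies between the two hunks, and nothing visible in this diff shows that `decryptAndVerify` enforces them. `expiration` and `audience` are read as fields of the decoded payload, so they may be application-level claims rather than the registered `exp`/`aud` claims a JWT library validates; if so, an expired or wrongly addressed open-connection token would now be accepted. Confirm that verification rejects both cases and add a test for each, then delete the dead code instead of commenting it out and leave a one-line comment such as `// expiration and audience are enforced in decryptAndVerify`. The method body starts before this hunk and continues past the next one.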
@@ -61,6 +62,7 @@ export class AuthenticationResolver {
if (openConnectionJwtPayload.audience !== JwtPayloadType.AUDIENCE) {
throw new LogError(`invalid audience of community with publicKey`, pubKeyBuf.toString('hex'))
}
+ */
const fedComA = await DbFedCommunity.findOneByOrFail({ publicKey: comA.publicKey })
if (!openConnectionJwtPayload.url.startsWith(fedComA.endPoint)) {
throw new LogError(`invalid url of community with publicKey`, pubKeyBuf.toString('hex'))