From 38a6b2e6e79d2e0746324bf45d594d7ac0167b4f Mon Sep 17 00:00:00 2001
From: Xavi Aracil <xaracil@1edtech.org>
Date: Tue, 25 Oct 2022 14:34:52 +0200
Subject: [PATCH] Add cause's message to the resulting report

---
 .../org/oneedtech/inspect/vc/probe/ExternalProofProbe.java  | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ExternalProofProbe.java b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ExternalProofProbe.java
index b14ce3c..ba299aa 100644
--- a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ExternalProofProbe.java
+++ b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ExternalProofProbe.java
@@ -50,7 +50,7 @@ public class ExternalProofProbe extends Probe<VerifiableCredential> {
 		try {
 			verifySignature(crd, ctx);
 		} catch (Exception e) {
-			return fatal("Error verifying jwt signature: " + e.getMessage(), ctx);
+			return fatal("Error verifying jwt signature: " + e.getMessage() + (e.getCause() != null ? ". Reason: " + e.getCause().getMessage() : ""), ctx);
 		}
 		return success(ctx);
 	}
@@ -75,7 +75,9 @@ public class ExternalProofProbe extends Probe<VerifiableCredential> {
 		JsonNode alg = headerObj.get("alg");
 		if(alg == null || !alg.textValue().equals("RS256")) { throw new Exception("alg must be present and must be 'RS256'"); }
 
-		//TODO: decoded jwt will check timestamps, but shall we explicitly break these out?
+		// decoded jwt will check timestamps, but shall we explicitly break these out?
+		// JWT verifier throws and exception with the cause when claims are invalid. Adding that cause
+		// to the probe result can avoid having to explicitly check the claims.
 
 		//Option 1, fetch directly from header
 		JsonNode jwk = headerObj.get("jwk");