Return correct error message for invalid tokens.

group/group.go

@@ -1012,7 +1012,7 @@ func (g *Group) getPermission(creds ClientCredentials) (string, []string, error)
 	if creds.Token != "" {
 		tok, err := token.Parse(creds.Token, desc.AuthKeys)
 		if err != nil {
-			return "", nil, err
+			return "", nil, &NotAuthorisedError{err: err}
 		}
 
 		conf, err := GetConfiguration()

rtpconn/webclient.go

@@ -1426,6 +1426,7 @@ func handleClientMessage(c *webClient, m clientMessage) error {
 			} else if errors.As(err, &autherr) {
 				s = "not authorised"
 				time.Sleep(200 * time.Millisecond)
+				log.Printf("Join group: %v", err)
 			} else if _, ok := err.(group.UserError); ok {
 				s = err.Error()
 			} else {

token/jwt.go

@@ -137,6 +137,10 @@ func parseJWT(token string, keys []map[string]interface{}) (*JWT, error) {
 		jwt.WithLeeway(5*time.Second),
 	)
 	if err != nil {
+		if errors.Is(err, jwt.ErrTokenMalformed) {
+			// assume this is not a JWT
+			return nil, nil
+		}
 		return nil, err
 	}
 	return (*JWT)(t), nil

token/token.go

@@ -28,7 +28,6 @@ func Parse(token string, keys []map[string]interface{}) (Token, error) {
 		return nil, err1
 	} else if err2 != nil {
 		return nil, err2
-	} else {
-		return nil, os.ErrNotExist
 	}
+	return nil, os.ErrNotExist
 }