From 8efa18c6c3bc3490fa2bfb1750a222f910a196d6 Mon Sep 17 00:00:00 2001
From: Eric Dahlvang <EricDahlvang@gmail.com>
Date: Thu, 3 Sep 2020 18:15:58 -0700
Subject: [PATCH] Throw if IsSkillClaim and claimsValidator is null (#2761)

---
 .../botframework-connector/src/auth/jwtTokenValidation.ts      | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libraries/botframework-connector/src/auth/jwtTokenValidation.ts b/libraries/botframework-connector/src/auth/jwtTokenValidation.ts
index 98604d7671..faced238ee 100644
--- a/libraries/botframework-connector/src/auth/jwtTokenValidation.ts
+++ b/libraries/botframework-connector/src/auth/jwtTokenValidation.ts
@@ -132,6 +132,9 @@ export namespace JwtTokenValidation {
         if (authConfig.validateClaims) {
             // Call the validation method if defined (it should throw an exception if the validation fails)
             await authConfig.validateClaims(claims);
+        } else if (SkillValidation.isSkillClaim(claims)) {
+            // Skill claims must be validated using AuthenticationConfiguration validateClaims
+            throw new AuthenticationError('Unauthorized Access. Request is not authorized. Skill Claims require validation.', StatusCodes.UNAUTHORIZED); 
         }
     }