From d25dd76d7b1a34e0aa411f62ed68cf22ac5c3aef Mon Sep 17 00:00:00 2001
From: sadilchamishka
Date: Mon, 18 Nov 2024 21:56:02 +0530
Subject: [PATCH] Treat the ID token signature failure as client error isntead of generic error which will be logged as server error later

---
 .../carbon/identity/oidc/session/servlet/OIDCLogoutServlet.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/servlet/OIDCLogoutServlet.java b/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/servlet/OIDCLogoutServlet.java
index f781292953..929f27aa3a 100644
--- a/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/servlet/OIDCLogoutServlet.java
+++ b/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/servlet/OIDCLogoutServlet.java
@@ -1108,7 +1108,7 @@ private String getClientIdFromIdToken(HttpServletRequest request, String idToken
 return OIDCSessionManagementUtil.extractClientIDFromDecryptedIDToken(decryptedIDToken);
 } else {
 if (!validateIdToken(idToken)) {
- throw new IdentityOAuth2Exception(OAuth2ErrorCodes.OAuth2SubErrorCodes.INVALID_ID_TOKEN,
+ throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.OAuth2SubErrorCodes.INVALID_ID_TOKEN,
 "ID token signature validation failed.");
 }
 return extractClientFromIdToken(idToken);
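Review bot: Once the `!validateIdToken(idToken)` branch throws `IdentityOAuth2ClientException`, a failed signature check on the logout `id_token_hint` is, per the commit message, no longer written to the server error log, so a tampered or forged token may leave no record unless the catch site (outside this hunk) logs client errors itself. I would add a diagnostic or audit entry just before the throw using the servlet's existing logger, for example `log.debug("ID token signature validation failed for the logout request.");`, and keep the raw token out of the message. It is also worth confirming that every caller's catch block still handles the new type the way it handled `IdentityOAuth2Exception`; this presumably holds if it is a subclass, but neither the class hierarchy nor the callers are visible here. The body of `getClientIdFromIdToken` starts and ends outside the hunk, and the patch touches no test, so a case asserting the client-error response for a badly signed token would pin the new behaviour.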