diff --git a/src/main/java/br/com/hideyoshi/auth/controller/UserController.java b/src/main/java/br/com/hideyoshi/auth/controller/UserController.java
index f7ef9a3..5349b37 100644
--- a/src/main/java/br/com/hideyoshi/auth/controller/UserController.java
+++ b/src/main/java/br/com/hideyoshi/auth/controller/UserController.java
@@ -94,35 +94,48 @@ public class UserController {
 @PostMapping("/profile-picture")
 @UserResourceGuard(accessType = UserResourceGuardEnum.USER)
- public StorageServiceUploadResponse addProfilePicture(
+ public ResponseEntity addProfilePicture(
 @RequestParam FileTypeEnum fileType
 ) {
 UserDTO user = this.authService.getLoggedUser();
- return this.storageService.getNewFileUrl(
+
+
+
+ var newFileOption = this.storageService.getNewFileUrl(
 user.getUsername(),
 "profile",
 fileType
- ).orElseThrow(() -> new BadRequestException("File not found"));
+ );
+
+ if (newFileOption.isEmpty()) {
+ throw new BadRequestException("Invalid File Type");
+ }
+
+ return ResponseEntity.ok(newFileOption.get());
 }
 @DeleteMapping("/profile-picture")
 @UserResourceGuard(accessType = UserResourceGuardEnum.USER)
- public void deleteProfilePicture() {
+ public ResponseEntity deleteProfilePicture() {
 UserDTO user = this.authService.getLoggedUser();
 this.storageService.deleteFile(
 user.getUsername(),
 "profile"
 );
+
+ return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 }
 @PostMapping("/profile-picture/proccess")
 @UserResourceGuard(accessType = UserResourceGuardEnum.USER)
- public void processProfilePicture() {
+ public ResponseEntity processProfilePicture() {
 UserDTO user = this.authService.getLoggedUser();
 this.storageService.processFile(
 user.getUsername(),
 "profile"
 );
+
+ return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 }
 }
diff --git a/src/main/java/br/com/hideyoshi/auth/security/config/SecurityConfig.java b/src/main/java/br/com/hideyoshi/auth/security/config/SecurityConfig.java
index e1bd920..0c4dd94 100644
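Review bot: The new return type `ResponseEntity` on addProfilePicture, deleteProfilePicture and processProfilePicture is a raw generic, which loses the body type the old signature carried (`StorageServiceUploadResponse`) and produces raw-type warnings; prefer `public ResponseEntity<StorageServiceUploadResponse> addProfilePicture(` and `public ResponseEntity<Void>` for the two endpoints that return 204. The `isEmpty()` check followed by `get()` in addProfilePicture re-creates in four lines what the removed `orElseThrow` expressed in one: `return ResponseEntity.ok(newFileOption.orElseThrow(() -> new BadRequestException("Invalid File Type")));`. The three blank lines inserted before `var newFileOption` look accidental and should go.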
--- a/src/main/java/br/com/hideyoshi/auth/security/config/SecurityConfig.java
+++ b/src/main/java/br/com/hideyoshi/auth/security/config/SecurityConfig.java
@@ -61,15 +61,31 @@ public class SecurityConfig {
 http.httpBasic().disable()
 .cors().and().csrf().disable();
- this.addEndpointSecurityToHttp(http);
- this.addOAuthSecurityToHttp(http);
+ http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
- this.configureEndpoints(http);
+ http.exceptionHandling()
+ .authenticationEntryPoint(this::failureHandler);
- return http.build();
- }
+ http.formLogin(form -> form
+ .loginProcessingUrl("/user/login")
+ .successHandler(this::successFormHandler)
+ .failureHandler(this::failureHandler)
+ );
+
+ http.oauth2Login(
+ oauth -> oauth
+ .authorizationEndpoint()
+ .authorizationRequestRepository(this.oAuthRequestRepository)
+ .and().successHandler(this::successOAuth2Handler)
+ .failureHandler(this::failureHandler)
+
+ );
+
+ http.addFilterBefore(
+ new JWTAuthenticationFilter(this.authService),
+ UsernamePasswordAuthenticationFilter.class
+ );
- private void configureEndpoints(HttpSecurity http) throws Exception {
 for (String endpoint : this.userResourceHandler.getOpenPaths()) {
 http.authorizeRequests().antMatchers(endpoint).permitAll();
 }
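Review bot: The inlined body now sets the session policy, the authentication entry point, form login, OAuth2 login, the JWT filter and the URL authorization rules in one method with no comments, where the removed helpers (`addEndpointSecurityToHttp`, `addOAuthSecurityToHttp`, `configureEndpoints`) at least named each section; the method continues past the end of this hunk. The one genuinely new line, `.authenticationEntryPoint(this::failureHandler)`, changes what an unauthenticated request receives (the handler's response instead of Spring's default redirect to a login page) and deserves a comment saying so, e.g. `// Unauthenticated requests get failureHandler's response instead of a redirect to the default login page`. If inlining is deliberate, a one-line section comment above each of the five groups would restore the structure the helper names provided.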
@@ -78,30 +94,7 @@ public class SecurityConfig {
 http.authorizeRequests().antMatchers(endpoint).hasAnyAuthority("ROLE_USER", "ROLE_ADMIN");
 }
- http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
- http.addFilterBefore(
- new JWTAuthenticationFilter(this.authService),
- UsernamePasswordAuthenticationFilter.class
- );
- }
-
- private void addEndpointSecurityToHttp(HttpSecurity http) throws Exception {
- http.formLogin(form -> form
- .loginProcessingUrl("/user/login")
- .successHandler(this::successFormHandler)
- .failureHandler(this::failureHandler)
- );
-
- http.authorizeRequests().antMatchers("/login").denyAll();
- }
-
- private void addOAuthSecurityToHttp(HttpSecurity http) throws Exception {
-
- http.oauth2Login()
- .authorizationEndpoint()
- .authorizationRequestRepository(this.oAuthRequestRepository)
- .and().successHandler(this::successOAuth2Handler)
- .failureHandler(this::failureHandler);
+ return http.build();
 }
 private void successFormHandler(HttpServletRequest request,
diff --git a/src/main/java/br/com/hideyoshi/auth/security/filter/JWTAuthenticationFilter.java b/src/main/java/br/com/hideyoshi/auth/security/filter/JWTAuthenticationFilter.java
index 057129e..ed47cf3 100644
--- a/src/main/java/br/com/hideyoshi/auth/security/filter/JWTAuthenticationFilter.java
+++ b/src/main/java/br/com/hideyoshi/auth/security/filter/JWTAuthenticationFilter.java
@@ -1,7 +1,7 @@
 package br.com.hideyoshi.auth.security.filter;
 import br.com.hideyoshi.auth.security.service.AuthService;
-import br.com.hideyoshi.auth.util.exception.AuthenticationInvalidException;
+import br.com.hideyoshi.auth.util.exception.BadRequestException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.filter.OncePerRequestFilter;
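Review bot: The removed `http.authorizeRequests().antMatchers("/login").denyAll();` has no replacement on the new side, so the default login page that rule blocked is no longer explicitly denied. If the reasoning is that the custom `authenticationEntryPoint` added in the previous hunk stops Spring from registering its default login page filter, that should be stated in a comment next to the entry-point line; otherwise the rule should be carried over to just before `return http.build();`. Separately, `return http.build();` now follows the two path loops with no visible `anyRequest()` rule (the two lines between the hunks are not shown), so a path outside `getOpenPaths()` and the role-restricted set would have no authorization rule at all, which Spring Security treats as publicly accessible; `http.authorizeRequests().anyRequest().authenticated();` before the return closes that gap if every route is meant to be covered. The JWTAuthenticationFilter import hunk below is a plain swap whose substantive change is reviewed at the next hunk.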
@@ -52,7 +52,7 @@ public class JWTAuthenticationFilter extends OncePerRequestFilter {
 String accessToken = authorizationHeader.substring(AUTHORIZATION_TYPE_STRING.length());
 return this.authService.extractAccessTokenInfo(accessToken);
 } else {
- throw new AuthenticationInvalidException("Access denied");
+ throw new BadRequestException("No authorization header found");
 }
 }
 }
\ No newline at end of file
diff --git a/src/main/java/br/com/hideyoshi/auth/security/service/AuthService.java b/src/main/java/br/com/hideyoshi/auth/security/service/AuthService.java
index 5c5d0e1..5380eba 100644
--- a/src/main/java/br/com/hideyoshi/auth/security/service/AuthService.java
+++ b/src/main/java/br/com/hideyoshi/auth/security/service/AuthService.java
@@ -27,7 +27,6 @@ import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Service;
 import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import javax.validation.Valid;
 import java.io.IOException;
@@ -130,10 +129,9 @@ public class AuthService {
 JWTVerifier verifier = JWT.require(algorithm).build();
 try {
 return Optional.of(verifier.verify(token));
- } catch (Exception e) {
- log.warn("Token verification failed: {}", e.getMessage());
+ } catch (Exception ignored) {
+ return Optional.empty();
 }
- return Optional.empty();
 }
 private UserDTO getUserFromOAuth2User(OAuthDTO oAuth2User) {
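Review bot: Swapping `AuthenticationInvalidException("Access denied")` for `BadRequestException("No authorization header found")` recasts a missing credential as a malformed request rather than an authentication failure, which is the wrong status family for a client that simply has not authenticated. If `BadRequestException` is not a Spring `AuthenticationException` subtype (its definition is not in this diff), an instance thrown from inside the filter chain is not handled by `ExceptionTranslationFilter`, so the `authenticationEntryPoint(this::failureHandler)` configured in SecurityConfig never sees it and the response falls to the container's generic error handling. Throwing an `AuthenticationException` subtype here, or catching it inside the filter and delegating to the entry point, keeps the 401 path intact. The enclosing method starts outside the hunk.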
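Review bot: The new `catch (Exception ignored)` removes the only record of a failed token verification, and rejected tokens are exactly the signal an operator wants when reviewing an incident, so the log line should stay at a low-noise level rather than disappear. Catching `Exception` also folds verifier bugs (a null token, a misconfigured algorithm) into the same empty `Optional` as an expired or tampered token; narrowing to the library's own type separates the two: `} catch (JWTVerificationException e) {` / `log.debug("Token verification failed: {}", e.getMessage());` / `return Optional.empty();` (`com.auth0.jwt.exceptions.JWTVerificationException` would need an import). The enclosing method starts outside the hunk.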