| Age | Commit message (Collapse) | Author |
|---|
|
|
|
In order to use JSON consistently across the board, we make even the
authentication method use JSON rather than FORMDATA.
|
|
* Fetch keys from auth server
* Validate token is signed with one of the keys from server
* Ensure refreshing of token is still synchronised
|
|
The application can be run in a multi-threaded server, leading to a
situation where the multiple threads attempt to get a new JWT using
the exact same refresh token.
This synchronises the various threads ensuring only a single thread is
able to retrieve the new JWT that all the rest of the threads then
use.
|
|
With the change to JWTs the time-to-live for each token is severely
curtailed to help with security in case of a token theft. We,
therefore, can no longer rely on the TTL for session expiration,
rather, we will rely of the token-refresh mechanism to expire a token
after a long while.
|
|
|
|
|
|
|
|
* gn2/wqflask/oauth2/client.py (oauth2_get): Add a jsonify_p key word
that defaults to False.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
* gn2/wqflask/oauth2/client.py (no_token_post): "uri" does not exist.
Replace it with "uri_path."
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
|
|
|
|
Fetch configurations from the application, rather than from the
`gn2.utility.tools` module that does not get the updated values from
the secrets file.
|
|
|
|
We move all modules under a gn2 directory. This is important for
"correct" packaging and deployment as a Guix service.
|
