aboutsummaryrefslogtreecommitdiff
path: root/gn_auth
diff options
context:
space:
mode:
authorJohn Nduli2024-08-15 14:13:38 +0300
committerFrederick Muriuki Muriithi2024-08-15 10:22:58 -0500
commit03c98f69e3c2069cde81a995f7591a35b7eda01c (patch)
treea84529081006593e80ae25eb7a8407aa0a6f202b /gn_auth
parent30611d4b7c3ca59ff5eca858b79ea0fe60c6a311 (diff)
downloadgn-auth-03c98f69e3c2069cde81a995f7591a35b7eda01c.tar.gz
fix: bugs with generating auth tokens
Diffstat (limited to 'gn_auth')
-rw-r--r--gn_auth/auth/authorisation/users/masquerade/models.py13
-rw-r--r--gn_auth/auth/authorisation/users/masquerade/views.py2
2 files changed, 12 insertions, 3 deletions
diff --git a/gn_auth/auth/authorisation/users/masquerade/models.py b/gn_auth/auth/authorisation/users/masquerade/models.py
index ae2abad..a55e462 100644
--- a/gn_auth/auth/authorisation/users/masquerade/models.py
+++ b/gn_auth/auth/authorisation/users/masquerade/models.py
@@ -1,13 +1,16 @@
"""Functions for handling masquerade."""
-from uuid import uuid4
+import uuid
from functools import wraps
from datetime import datetime
+from authlib.jose import jwt
from flask import current_app as app
from gn_auth.auth.errors import ForbiddenAccess
+from gn_auth.auth.jwks import newest_jwk_with_rotation, jwks_directory
+
from ...roles.models import user_roles
from ....db import sqlite3 as db
from ....authentication.users import User
@@ -55,8 +58,14 @@ def masquerade_as(
user=masqueradee,
expires_in=__FIVE_HOURS__,
include_refresh_token=True)
+
+ _jwt = jwt.decode(
+ original_token.access_token,
+ newest_jwk_with_rotation(
+ jwks_directory(app),
+ int(app.config["JWKS_ROTATION_AGE_DAYS"])))
new_token = OAuth2Token(
- token_id=uuid4(),
+ token_id=uuid.UUID(_jwt["jti"]),
client=original_token.client,
token_type=token_details["token_type"],
access_token=token_details["access_token"],
diff --git a/gn_auth/auth/authorisation/users/masquerade/views.py b/gn_auth/auth/authorisation/users/masquerade/views.py
index 71cf98d..68f19ee 100644
--- a/gn_auth/auth/authorisation/users/masquerade/views.py
+++ b/gn_auth/auth/authorisation/users/masquerade/views.py
@@ -33,7 +33,7 @@ def masquerade() -> Response:
return new_token
def __dump_token__(tok):
return {
- key: value for key, value in tok.items()
+ key: value for key, value in asdict(tok).items()
if key in ("access_token", "refresh_token", "expires_in",
"token_type")
}