From ca83384d5d5ad24a6a9df313aed6ffdfc31770b5 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Wed, 24 Jul 2024 12:06:11 -0500
Subject: JWT refresh: Deactivate the checks and revocation

The checks for whether a token is already linked, and then revoking it and raising an error were causing issues in multi-threaded environments, where there'd be multiple requests to the auth server all using an expired token. This just links the refresh token and avoids the check and revocation for the time being.
---
 gn_auth/auth/authentication/oauth2/models/jwtrefreshtoken.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
(limited to 'gn_auth/auth/authentication')
diff --git a/gn_auth/auth/authentication/oauth2/models/jwtrefreshtoken.py b/gn_auth/auth/authentication/oauth2/models/jwtrefreshtoken.py
index 31c9147..58dd14a 100644
--- a/gn_auth/auth/authentication/oauth2/models/jwtrefreshtoken.py
+++ b/gn_auth/auth/authentication/oauth2/models/jwtrefreshtoken.py
@@ -159,10 +159,12 @@ def link_child_token(conn: db.DbConnection, parenttoken: str, childtoken: str):
 lambda _tok: revoke_refresh_token(conn, _tok))
 raise InvalidGrantError(_error_msg_)
+ def __handle_not_found__(_error_msg_):
+ raise InvalidGrantError(_error_msg_)
+
 load_refresh_token(conn, parenttoken).maybe(
- Left("Token not found"), Right).then(
- __check_child__).either(__revoke_and_raise_error__,
- __link_to_child__)
+ Left("Token not found"), Right).either(
+ __handle_not_found__, __link_to_child__)
 def is_refresh_token_valid(token: JWTRefreshToken, client: OAuth2Client) -> bool:
--
cgit v1.2.3
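Review bot: With `__check_child__` and `__revoke_and_raise_error__` dropped from the chain, a parent refresh token that has already been exchanged is linked again instead of being rejected, so refresh-token reuse detection is off for every client, not only for the racing requests the commit message describes. A copied refresh token presented after the legitimate client has rotated would presumably be honoured unless `is_refresh_token_valid` or another caller rejects it; that is not visible here, since `link_child_token` starts above the hunk. The two helpers still appear to be defined above the hunk but are now unused, and nothing in the code records that this is temporary, so I would add a comment above the `load_refresh_token(...)` call such as `# TODO: reuse detection disabled because concurrent refreshes raced; restore __check_child__ once check-and-link is atomic`. A narrower fix would keep the check and tolerate reuse of a just-rotated parent only within a short grace window, or do the check and the link in a single transaction, in line with the refresh-token rotation guidance in RFC 9700.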