def decode_token(token): """Decode JWT token entered by the user.""" if token is None: return http_error('Auth token audience cannot be verified.'), 401 if token.startswith('Bearer '): _, token = token.split(' ', 1) pub_key = fetch_public_key(current_app) audiences = get_audiences() decoded_token = None for aud in audiences: try: decoded_token = jwt.decode(token, pub_key, audience=aud) except jwt.InvalidTokenError: decoded_token = None current_app.logger.error( 'Auth Token could not be decoded for audience {}'.format(aud)) if decoded_token is not None: break if decoded_token is None: # raise jwt.InvalidTokenError('Auth token audience cannot be verified.') return {} return decoded_token
def decode_token(): """Decode JWT token entered by the user.""" token = request.headers.get('Authorization') if token is None: return {} if token.startswith('Bearer '): _, token = token.split(' ', 1) pub_key = fetch_public_key(current_app) audiences = current_app.config.get('BAYESIAN_JWT_AUDIENCE').split(',') for aud in audiences: try: decoded_token = jwt.decode(token, pub_key, audience=aud) except jwt.InvalidTokenError: current_app.logger.error( 'Auth Token could not be decoded for audience {}'.format(aud)) decoded_token = None if decoded_token is not None: break if decoded_token is None: raise jwt.InvalidTokenError('Auth token audience cannot be verified.') return decoded_token
def test_fetch_public_key_3(a): """Test fetch_public_key.""" resp = fetch_public_key(app) assert resp == \ '-----BEGIN PUBLIC KEY-----\ntest\n-----END PUBLIC KEY-----'
def test_fetch_public_key_1(a): """Test fetch_public_key.""" resp = fetch_public_key(app) assert resp == ''