def wrapper(*args, **kwargs):
pub_key = get_pub_key()
user = None
try:
jwt_header_name, token, tenant = jwt_utils.jwt_tenant(
request.headers)
except ValueError:
# TODO consider using something else like Flask-Login
# if not JWT information is provided in header, then this is a guest user
user = AnonymousUser()
if user is None:
try:
# TODO: validate token
decoded = jwt.decode(token, pub_key, verify=False)
username = decoded["http://wso2.org/claims/enduser"]
# remove ant @carbon.super or other nonsense, the tenant
# we get from the header anyway
username = username.split("@")[0]
except Exception as e:
logger.exception(e)
abort(400, 'could not decode JWT')
user = UserService.getUser(username, tenant)
if not user:
user = UserService.create(username=username,
jwt=token,
tenant=tenant)
# In case the JWT was updated for some reason, reset the jwt
UserService.setJWT(user, token)
request.current_user = user
return fn(*args, **kwargs)
def test_user_create(userdata):
user = UserService.create(username="******", jwt="testjwt", tenant="test")
assert user.id is not None
assert user.created is not None
assert user.username == 'newUser'
assert user.jwt == "testjwt"