def _decode_jwt_from_request(request_type):
    """Fetch the JWT from the current request and run the shared checks.

    The token is looked up in cookies, headers, or both, depending on
    ``config.jwt_in_cookies`` and ``config.jwt_in_headers``. After decoding,
    the token's ``type`` claim must equal ``request_type``, and the token is
    passed to ``check_if_token_revoked`` when ``config.blacklist_enabled``
    is set.

    Args:
        request_type: Token type the calling endpoint expects. It is
            compared against the ``type`` claim and forwarded to the cookie
            decoder.

    Returns:
        The decoded token, as returned by the cookie or header decoder.

    Raises:
        NoAuthorizationError: Both locations are enabled and neither one
            yielded a token.
        WrongTokenError: The ``type`` claim differs from ``request_type``.
    """
    # NOTE(review): signature and expiry validation are presumably done
    # inside the _decode_jwt_from_* helpers; nothing here verifies them.
    accept_both = config.jwt_in_cookies and config.jwt_in_headers
    if not accept_both:
        # Exactly one location is in use; no fallback is attempted.
        if config.jwt_in_headers:
            token = _decode_jwt_from_headers()
        else:
            token = _decode_jwt_from_cookies(request_type)
    else:
        # Cookies take precedence. Only a *missing* cookie token
        # (NoAuthorizationError) falls through to the headers; any other
        # error raised while decoding the cookie token propagates as-is.
        try:
            token = _decode_jwt_from_cookies(request_type)
        except NoAuthorizationError:
            try:
                token = _decode_jwt_from_headers()
            except NoAuthorizationError:
                raise NoAuthorizationError(
                    "Missing JWT in headers and cookies")

    # Reject token-type confusion: a token of one type must not be accepted
    # by an endpoint that expects the other.
    if token['type'] != request_type:
        message = 'Only {} tokens can access this endpoint'.format(
            request_type)
        raise WrongTokenError(message)

    # Revocation is opt-in: with blacklisting disabled, a revoked token
    # passes this function unchallenged until it expires.
    if config.blacklist_enabled:
        check_if_token_revoked(token)

    return token
def wrapper(*args, **kwargs):
    # Gate for refresh-token endpoints: decode the request's JWT, require
    # type 'refresh', apply the optional revocation check, publish the
    # identity on the context stack, then call the wrapped `fn` with the
    # original arguments and return its result.
    # Raises WrongTokenError when the token is not a refresh token.
    token = _decode_jwt_from_request()

    # An access token must never be usable on a refresh endpoint.
    if token['type'] != 'refresh':
        raise WrongTokenError('Only refresh tokens can access this endpoint')

    # Revocation is checked only when blacklisting is switched on.
    if get_blacklist_enabled():
        check_if_token_revoked(token)

    # Only the identity claim is exposed to the endpoint, not the full token.
    ctx_stack.top.jwt_identity = token['identity']
    return fn(*args, **kwargs)
def wrapper(*args, **kwargs):
    # Gate for access-token endpoints: decode the request's JWT, require
    # type 'access', apply the optional revocation check, publish the whole
    # decoded token on the context stack, then call the wrapped `fn` with
    # the original arguments and return its result.
    # Raises WrongTokenError when the token is not an access token.
    #
    # NOTE(review): the expected type is passed under the keyword `type`;
    # confirm that matches the helper's parameter name in this revision.
    token = _decode_jwt_from_request(type='access')

    # Checked here regardless of what the helper already enforced, so a
    # refresh token can never reach an access-only endpoint.
    if token['type'] != 'access':
        raise WrongTokenError(
            'Only access tokens can access this endpoint')

    # Revocation is checked only when blacklisting is switched on.
    if get_blacklist_enabled():
        check_if_token_revoked(token)

    # The full decoded token (all claims) becomes visible to the endpoint.
    ctx_stack.top.jwt = token
    return fn(*args, **kwargs)
def wrapper(*args, **kwargs):
    # Gate for endpoints that demand a *fresh* access token. Checks run in
    # this order: token type, optional revocation, freshness. Identity and
    # user claims are then published on the context stack, and the wrapped
    # `fn` is called with the original arguments and its result returned.
    # Raises WrongTokenError for a non-access token and FreshTokenRequired
    # when the 'fresh' claim is falsy.
    token = _decode_jwt_from_request()

    # A refresh token must never be usable on an access endpoint.
    if token['type'] != 'access':
        raise WrongTokenError('Only access tokens can access this endpoint')

    # Revocation is checked only when blacklisting is switched on.
    if get_blacklist_enabled():
        check_if_token_revoked(token)

    # Freshness is what separates this gate from the plain access-token one.
    if not token['fresh']:
        raise FreshTokenRequired('Fresh token required')

    # Expose just the identity and the user claims to the endpoint.
    request_ctx = ctx_stack.top
    request_ctx.jwt_identity = token['identity']
    request_ctx.jwt_user_claims = token['user_claims']
    return fn(*args, **kwargs)