From 06937b305ad9605be8418b8621b89bd803981533 Mon Sep 17 00:00:00 2001 From: Taha Yassine Kraiem Date: Fri, 7 Mar 2025 15:37:45 +0100 Subject: [PATCH] fix(chalice): debug refresh token --- api/chalicelib/core/authorizers.py | 3 +++ api/chalicelib/core/users.py | 9 ++++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/api/chalicelib/core/authorizers.py b/api/chalicelib/core/authorizers.py index 04b2edcd8..bd4f260a2 100644 --- a/api/chalicelib/core/authorizers.py +++ b/api/chalicelib/core/authorizers.py @@ -28,6 +28,9 @@ def jwt_authorizer(scheme: str, token: str, leeway=0) -> dict | None: if scheme.lower() != "bearer": return None try: + logger.warning("Checking JWT token: %s", token) + logger.warning("Against: %s", config("JWT_SECRET") if not is_spot_token(token) else config("JWT_SPOT_SECRET")) + logger.warning(get_supported_audience()) payload = jwt.decode(jwt=token, key=config("JWT_SECRET") if not is_spot_token(token) else config("JWT_SPOT_SECRET"), algorithms=config("JWT_ALGORITHM"), diff --git a/api/chalicelib/core/users.py b/api/chalicelib/core/users.py index 7b3df231e..6e3de7282 100644 --- a/api/chalicelib/core/users.py +++ b/api/chalicelib/core/users.py @@ -627,9 +627,12 @@ def authenticate(email, password, for_change_password=False) -> dict | bool | No response = { "jwt": authorizers.generate_jwt(user_id=r['userId'], tenant_id=r['tenantId'], iat=j_r.jwt_iat, aud=AUDIENCE), - "refreshToken": authorizers.generate_jwt_refresh(user_id=r['userId'], tenant_id=r['tenantId'], - iat=j_r.jwt_refresh_iat, aud=AUDIENCE, - jwt_jti=j_r.jwt_refresh_jti), + "refreshToken": authorizers.generate_jwt_refresh(user_id=r['userId'], + tenant_id=r['tenantId'], + iat=j_r.jwt_refresh_iat, + aud=AUDIENCE, + jwt_jti=j_r.jwt_refresh_jti, + for_spot=False), "refreshTokenMaxAge": config("JWT_REFRESH_EXPIRATION", cast=int), "email": email, "spotJwt": authorizers.generate_jwt(user_id=r['userId'], tenant_id=r['tenantId'],