From 31234413397f7f2d1e2ebc150f4fe3e3cf504107 Mon Sep 17 00:00:00 2001
From: Taha Yassine Kraiem
Date: Fri, 3 Dec 2021 16:12:57 +0100
Subject: [PATCH] feat(api): changed JWT iat
---
 ee/api/chalicelib/core/authorizers.py | 8 ++++----
 ee/api/chalicelib/core/users.py | 13 +++----------
 ee/api/entrypoint.sh | 3 +++
 3 files changed, 10 insertions(+), 14 deletions(-)
 create mode 100755 ee/api/entrypoint.sh
diff --git a/ee/api/chalicelib/core/authorizers.py b/ee/api/chalicelib/core/authorizers.py
index f7f50f52b..ea326c2a1 100644
--- a/ee/api/chalicelib/core/authorizers.py
+++ b/ee/api/chalicelib/core/authorizers.py
@@ -1,10 +1,10 @@
-from chalicelib.utils.helper import environ
 import jwt
-from chalicelib.utils import helper
-from chalicelib.utils.TimeUTC import TimeUTC
 from chalicelib.core import tenants
 from chalicelib.core import users
+from chalicelib.utils import helper
+from chalicelib.utils.TimeUTC import TimeUTC
+from chalicelib.utils.helper import environ
 def jwt_authorizer(token):
@@ -44,7 +44,7 @@ def generate_jwt(id, tenant_id, iat, aud, exp=None):
 "userId": id,
 "tenantId": tenant_id,
 "exp": iat // 1000 + int(environ["jwt_exp_delta_seconds"]) + TimeUTC.get_utc_offset() // 1000 \
- if exp is None else exp,
+ if exp is None else exp + TimeUTC.get_utc_offset() // 1000,
 "iss": environ["jwt_issuer"],
 "iat": iat // 1000,
 "aud": aud
diff --git a/ee/api/chalicelib/core/users.py b/ee/api/chalicelib/core/users.py
index 473c0aff0..a3516ae29 100644
--- a/ee/api/chalicelib/core/users.py
+++ b/ee/api/chalicelib/core/users.py
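Review bot: In the second `authorizers.py` hunk, both branches of `exp` now add `TimeUTC.get_utc_offset() // 1000`, while the `iat` claim two lines below is still written as `iat // 1000` with no offset, so `exp - iat` equals the configured lifetime only when the offset is zero. RFC 7519 defines both claims as seconds since the UTC epoch and verifiers compare `exp` against UTC time; if `get_utc_offset()` returns the host's local offset (its definition is outside this hunk), token lifetime becomes dependent on the server's timezone and can exceed `jwt_exp_delta_seconds`. It would be safer to normalise the timestamp to UTC where `iat` is produced and drop the compensation here, or at minimum document it with a comment such as `# offset compensates for <reason>; exp and iat must both be UTC epoch seconds`. The conditional also relies on a backslash continuation; wrapping the whole expression in parentheses would make the precedence of `... if exp is None else ...` explicit. The body of `generate_jwt` starts and ends outside the hunk.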
@@ -683,17 +683,10 @@ def authenticate_sso(email, internal_id, exp=None):
 if r is not None:
 r = helper.dict_to_camel_case(r, ignore_keys=["appearance"])
- query = cur.mogrify(
- f"""UPDATE public.users
- SET jwt_iat = timezone('utc'::text, now())
- WHERE user_id = %(user_id)s
- RETURNING jwt_iat;""",
- {"user_id": r["id"]})
- cur.execute(query)
- rt = TimeUTC.datetime_to_timestamp(cur.fetchone()["jwt_iat"])
+ jwt_iat = TimeUTC.datetime_to_timestamp(change_jwt_iat(r['id']))
 return authorizers.generate_jwt(r['id'], r['tenantId'],
- rt, aud=f"front:{helper.get_stage_name()}",
- exp=(exp + rt // 1000) if exp is not None else None)
+ jwt_iat, aud=f"front:{helper.get_stage_name()}",
+ exp=(exp + jwt_iat // 1000) if exp is not None else None)
 return None
diff --git a/ee/api/entrypoint.sh b/ee/api/entrypoint.sh
new file mode 100755
index 000000000..0b87bc311
--- /dev/null
+++ b/ee/api/entrypoint.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+python env_handler.py
+chalice local --host 0.0.0.0 --stage ${ENTERPRISE_BUILD}
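Review bot: The caller-supplied `exp` in `authenticate_sso` is added to `jwt_iat // 1000` and handed to `generate_jwt` with no sign or upper-bound check, so the SSO path can mint a token whose lifetime differs arbitrarily from the `jwt_exp_delta_seconds` used on the default path. Where `exp` originates is not visible in this hunk; if it is derived from the identity provider's response, consider clamping it before use, e.g. `exp = max(0, min(exp, MAX_SSO_SESSION_SECONDS))` with the limit read from configuration (the constant name is a placeholder). Separately, the result of `change_jwt_iat(r['id'])` is fed straight into `TimeUTC.datetime_to_timestamp`; the helper is defined outside this hunk, so it is worth confirming that it cannot return `None` when no row is updated. The function starts before the hunk.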
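Review bot: The new `entrypoint.sh` has no `set -e`, so if `python env_handler.py` fails the next line still starts the API, possibly with incomplete configuration; add `set -euo pipefail` after the shebang. `${ENTERPRISE_BUILD}` is expanded unquoted and an empty value silently produces a malformed `--stage`; writing `exec chalice local --host 0.0.0.0 --stage "${ENTERPRISE_BUILD:?stage not set}"` fails fast and, assuming this is a container entrypoint, lets the server receive signals directly. `chalice local` is Chalice's local development server and here it listens on all interfaces, so a comment stating that a reverse proxy or network policy is expected in front of it would help whoever deploys this.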