* refactor(chalice): upgraded dependencies refactor(crons): upgraded dependencies refactor(alerts): upgraded dependencies * fix(chalice): return error when updating inexistant webhook * feat(chalice): fixed delete webhook response * feat(chalice): limit webhooks name length * feat(chalice): upgraded dependencies feat(alerts): upgraded dependencies feat(crons): upgraded dependencies * fix(chalice): remove urllib3 dependency * feat(chalice): remove FOSS to pydantic v2 * fix(chalice): freeze urllib3 to not have conflicts between boto3 and requests * feat(chalice): refactoring schema in progress * feat(chalice): refactoring schema in progress * feat(chalice): refactoring schema in progress * feat(chalice): refactoring schema in progress feat(chalice): upgraded dependencies * feat(chalice): refactored schema * feat(DB): transfer size support * feat(chalice): support service account * feat(chalice): support service account * fix(chalice): fixed refactored PayloadSchema-name * feat(chalice): path analysis * feat(chalice): support service account 1/2 * feat(DB): timezone support * feat(chalice): upgraded dependencies feat(alerts): upgraded dependencies feat(crons): upgraded dependencies feat(assist): upgraded dependencies feat(sourcemaps): upgraded dependencies * feat(chalice): path analysis schema changes * feat(chalice): path analysis query change * feat(chalice): path analysis query change * feat(chalice): ios replay support * feat(chalice): ios replay support * feat(chalice): path analysis changes * feat(DB): ios events * feat(chalice): upgraded dependencies * feat(chalice): simple hide minor paths * feat(chalice): path analysis density * feat(chalice): session's replay ios events * feat(chalice): fixed typo * feat(chalice): support project's platform * feat(DB): support project's platform * feat(chalice): path analysis EE in progress * feat(chalice): project's platform API * feat(chalice): fixed create project * feat(chalice): EE path analysis in progress * 
feat(chalice): EE path analysis refactor(chalice): support specific database name for clickhouse-client * feat(chalice): upgraded dependencies feat(chalice): path analysis specific event type for startPoint feat(chalice): path analysis specific event type for endPoint feat(chalice): path analysis specific event type for exclude * refactoring(chalice): changed IOS click event type * refactoring(chalice): upgraded dependencies refactoring(alerts): upgraded dependencies refactoring(crons): upgraded dependencies refactoring(peers): upgraded dependencies refactoring(assist): upgraded dependencies refactoring(sourcemaps-reader): upgraded dependencies * refactoring(chalice): upgraded dependencies refactoring(alerts): upgraded dependencies refactoring(crons): upgraded dependencies refactoring(peers): upgraded dependencies refactoring(assist): upgraded dependencies refactoring(sourcemaps-reader): upgraded dependencies * feat(chalice): upgraded dependencies feat(alerts): upgraded dependencies feat(crons): upgraded dependencies * refactoring(chalice): refactored cards refactoring(chalice): upgraded dependencies * feat(chalice): get path-analysis issues list * feat(chalice): changed crash_ios feat(DB): changed crash_ios * fix(chalice): fix crashlooping * feat(chalice): support tap-rage feat(DB): support tap-rage * feat(chalice): Exp search support click-selector feat(DB): CH support click-selector * feat(chalice): refresh token feat(DB): refresh token * feat(chalice): refresh token changes * feat(chalice): fixed authorizer context attribute changes * feat(chalice): fixed refresh token path&age * feat(chalice): fixed refresh token RTR * feat(chalice): EE refresh token feat(DB): EE refresh token * feat(chalice): migrated EE refresh token * feat(chalice): fixed crashing changes * feat(chalice): fixed instant expiration * feat(chalice): fix * feat(chalice): fix * feat(chalice): fix * feat(chalice): refresh token debug * feat(chalice): refresh token debug * feat(chalice): refresh 
token debug * feat(chalice): fix refresh token path * feat(chalice): refresh token on signup * feat(DB): refresh token
import jwt
from chalicelib.utils import helper
from chalicelib.utils.TimeUTC import TimeUTC
from decouple import config
from chalicelib.core import tenants
from chalicelib.core import users
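def jwt_authorizer(scheme: str, token: str, leeway=0):
    """Verify a bearer access token and return its claims.

    The token is checked with PyJWT against the ``jwt_secret`` setting, the
    configured ``jwt_algorithm`` and the ``front:<stage name>`` audience.

    Args:
        scheme: Authorization scheme sent by the client; only "bearer"
            (compared case-insensitively) is accepted.
        token: The encoded JWT.
        leeway: Passed through to ``jwt.decode`` as the tolerance applied
            to the time-based claims.

    Returns:
        The decoded payload, or ``None`` when the scheme is not bearer or
        the token fails verification for any reason.
    """
    if scheme.lower() != "bearer":
        return None
    try:
        payload = jwt.decode(
            token,
            config("jwt_secret"),
            # Pass a one-element list: with a bare string PyJWT's allow-check
            # (`alg in algorithms`) becomes a substring test instead of an
            # exact match. The same setting is used as the single signing
            # algorithm by the token generators in this file.
            algorithms=[config("jwt_algorithm")],
            audience=[f"front:{helper.get_stage_name()}"],
            leeway=leeway
        )
    except jwt.ExpiredSignatureError:
        print("! JWT Expired signature")
        return None
    except Exception as e:
        # Exception, not BaseException: KeyboardInterrupt and SystemExit must
        # propagate instead of being reported as an invalid token.
        print("! JWT Base Exception")
        print(e)
        return None
    # NOTE(review): the "iss" claim written by generate_jwt is not verified
    # here (no issuer= argument), and "exp" is only enforced when the claim is
    # present. Consider issuer=... and options={"require": ["exp"]} once every
    # token issuer is confirmed to set them.
    return payload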
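def jwt_refresh_authorizer(scheme: str, token: str):
    """Verify a bearer refresh token and return its claims.

    Same checks as the access-token path, but the signature is verified with
    the separate ``JWT_REFRESH_SECRET`` setting, so an access token cannot be
    replayed as a refresh token (as long as the two secrets differ).

    Args:
        scheme: Authorization scheme sent by the client; only "bearer"
            (compared case-insensitively) is accepted.
        token: The encoded refresh JWT.

    Returns:
        The decoded payload, or ``None`` when the scheme is not bearer or
        the token fails verification for any reason.
    """
    if scheme.lower() != "bearer":
        return None
    try:
        payload = jwt.decode(
            token,
            config("JWT_REFRESH_SECRET"),
            # Pass a one-element list: with a bare string PyJWT's allow-check
            # (`alg in algorithms`) becomes a substring test instead of an
            # exact match.
            algorithms=[config("jwt_algorithm")],
            audience=[f"front:{helper.get_stage_name()}"]
        )
    except jwt.ExpiredSignatureError:
        print("! JWT-refresh Expired signature")
        return None
    except Exception as e:
        # Exception, not BaseException: KeyboardInterrupt and SystemExit must
        # propagate instead of being reported as an invalid token.
        print("! JWT-refresh Base Exception")
        print(e)
        return None
    # NOTE(review): the "jti" claim is returned but not validated here;
    # presumably the caller compares it with the stored value to detect a
    # reused refresh token. Confirm against the caller.
    return payload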
def jwt_context(context):
    """Build the request context for the user named in a decoded token.

    Looks the user up by the ``userId`` and ``tenantId`` found in *context*.
    Returns ``None`` when no such user exists, so a token for a user that
    is no longer found yields no context.

    The returned dict starts with ``tenantId`` and ``userId`` from *context*
    and is then extended with the user record; keys present in the user
    record take precedence because they are unpacked last.
    """
    user_id = context["userId"]
    tenant_id = context["tenantId"]
    record = users.get(user_id=user_id, tenant_id=tenant_id)
    if record is None:
        return None
    return {"tenantId": tenant_id, "userId": user_id, **record}
def generate_jwt(user_id, tenant_id, iat, aud):
    """Mint a signed access token for a user.

    Args:
        user_id: Stored in the ``userId`` claim.
        tenant_id: Stored in the ``tenantId`` claim.
        iat: Issued-at value; the expiry is ``iat`` plus the integer
            ``JWT_EXPIRATION`` setting.
        aud: Stored in the ``aud`` claim.

    Returns:
        The token produced by ``jwt.encode``, signed with the ``jwt_secret``
        setting using the configured ``jwt_algorithm``.
    """
    claims = {
        "userId": user_id,
        "tenantId": tenant_id,
        "exp": iat + config("JWT_EXPIRATION", cast=int),
        "iss": config("JWT_ISSUER"),
        "iat": iat,
        "aud": aud
    }
    signing_key = config("jwt_secret")
    signing_alg = config("jwt_algorithm")
    return jwt.encode(payload=claims, key=signing_key, algorithm=signing_alg)
def generate_jwt_refresh(user_id, tenant_id, iat, aud, jwt_jti):
    """Mint a signed refresh token for a user.

    Args:
        user_id: Stored in the ``userId`` claim.
        tenant_id: Stored in the ``tenantId`` claim.
        iat: Issued-at value; the expiry is ``iat`` plus the integer
            ``JWT_REFRESH_EXPIRATION`` setting.
        aud: Stored in the ``aud`` claim.
        jwt_jti: Token identifier stored in the ``jti`` claim.

    Returns:
        The token produced by ``jwt.encode``, signed with the
        ``JWT_REFRESH_SECRET`` setting (a different setting from the one used
        for access tokens) using the configured ``jwt_algorithm``.
    """
    claims = {
        "userId": user_id,
        "tenantId": tenant_id,
        "exp": iat + config("JWT_REFRESH_EXPIRATION", cast=int),
        "iss": config("JWT_ISSUER"),
        "iat": iat,
        "aud": aud,
        "jti": jwt_jti
    }
    signing_key = config("JWT_REFRESH_SECRET")
    signing_alg = config("jwt_algorithm")
    return jwt.encode(payload=claims, key=signing_key, algorithm=signing_alg)
def api_key_authorizer(token):
    """Resolve an API key to its tenant record.

    Returns whatever ``tenants.get_by_api_key`` yields for *token*. When a
    record is found, its ``createdAt`` value is converted in place with
    ``TimeUTC.datetime_to_timestamp`` before it is returned; when nothing
    is found the result is ``None``.
    """
    tenant = tenants.get_by_api_key(token)
    if tenant is None:
        return None
    created_at = tenant["createdAt"]
    tenant["createdAt"] = TimeUTC.datetime_to_timestamp(created_at)
    return tenant