Skip to content

Handle invalid token in JWTRefreshMiddleware #56904

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
vincbeck merged 1 commit into from
Oct 20, 2025
Merged

Handle invalid token in JWTRefreshMiddleware #56904

vincbeck merged 1 commit into from
Oct 20, 2025
+18 −3

Conversation

@vincbeck
Copy link
Contributor

@vincbeck vincbeck commented Oct 20, 2025

When the token is invalid, the middleware JWTRefreshMiddleware creates a 500. Handle this use case. An easy reproducible step is to not set AIRFLOW__API_AUTH__JWT_SECRET, and restarting breeze while keeping your browser open.

See discussion in Slack.

^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named {pr_number}.significant.rst or {issue_number}.significant.rst, in airflow-core/newsfragments.

@boring-cyborg boring-cyborg bot added the area:API Airflow's REST/HTTP API label Oct 20, 2025
@jscheffl
Copy link
Contributor

jscheffl commented Oct 20, 2025

The PR that broke it... did this go to v3-1-test and do we need to backport this?

jscheffl
jscheffl approved these changes Oct 20, 2025
View reviewed changes
Copy link
Contributor

@jscheffl jscheffl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can confirmt his fixes it! Thanks for helping out (faster than I was able to make my hands dirty...)

@vincbeck
Copy link
Contributor Author

vincbeck commented Oct 20, 2025

The PR that broke it... did this go to v3-1-test and do we need to backport this?

No, JWTRefreshMiddleware is not in v3-1-test branch

@vincbeck vincbeck merged commit d0e6222 into apache:main Oct 20, 2025
113 checks passed
@vincbeck vincbeck deleted the vincbeck/fix_invalid_token branch October 20, 2025 20:25
nailo2c pushed a commit to nailo2c/airflow that referenced this pull request Oct 20, 2025
@vincbeck @nailo2c
Handle invalid token in JWTRefreshMiddleware (apache#56904)
d07f9d3
pierrejeambrun pushed a commit to astronomer/airflow that referenced this pull request Dec 8, 2025
@vincbeck @pierrejeambrun
Handle invalid token in JWTRefreshMiddleware (apache#56904)
5c4c247 
(cherry picked from commit d0e6222)
@ephraimbuddy ephraimbuddy added this to the Airflow 3.1.4 milestone Dec 8, 2025
@pierrejeambrun
Copy link
Member

pierrejeambrun commented Dec 8, 2025

No, JWTRefreshMiddleware is not in v3-1-test branch

Apparently that changed, backport PR #58649, so we need to backport this too.

ephraimbuddy pushed a commit that referenced this pull request Dec 8, 2025
@vincbeck @ephraimbuddy
Handle invalid token in JWTRefreshMiddleware (#56904)
3ba0fc0 
(cherry picked from commit d0e6222)
@vincbeck
Copy link
Contributor Author

vincbeck commented Dec 8, 2025

No, JWTRefreshMiddleware is not in v3-1-test branch

Apparently that changed, backport PR #58649, so we need to backport this too.

Very good catch! I can do it

@pierrejeambrun pierrejeambrun mentioned this pull request Dec 8, 2025
Closed
2 tasks
@pierrejeambrun
Copy link
Member

pierrejeambrun commented Dec 8, 2025
edited
Loading

@vincbeck Ephraim is on it. (same for the other PR). As he is cutting rc2

@vincbeck
Copy link
Contributor Author

vincbeck commented Dec 8, 2025

@vincbeck Ephraim is on it. (same for the other PR). As he is cutting rc2

Even better! Thanks for the heads-up

ephraimbuddy pushed a commit that referenced this pull request Dec 8, 2025
@vincbeck @ephraimbuddy
Handle invalid token in JWTRefreshMiddleware (#56904)
1efe8bf 
(cherry picked from commit d0e6222)
ephraimbuddy pushed a commit that referenced this pull request Dec 8, 2025
@vincbeck @ephraimbuddy
Handle invalid token in JWTRefreshMiddleware (#56904)
42984c5 
(cherry picked from commit d0e6222)
@ephraimbuddy ephraimbuddy mentioned this pull request Dec 8, 2025
Closed
78 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@potiuk potiuk potiuk approved these changes

@jscheffl jscheffl jscheffl approved these changes

Assignees

No one assigned

Labels

area:API Airflow's REST/HTTP API

Projects

None yet

Milestone

Airflow 3.1.4

Development

Successfully merging this pull request may close these issues.

5 participants

@vincbeck @jscheffl @pierrejeambrun @potiuk @ephraimbuddy