fix: traction auth decorator (#2308) · argush3/lear@784a352

Commit

fix: traction auth decorator (bcgov#2308)

* feat: devcontainer configuraton for vscode

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: issue credentials through Traction tenant

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: app initialization workflow

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use out-of-band invitation for connecting

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use v2.0 for issuing credential

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: web socket implmentation with flask-socketio

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: db migration script to enable revocation

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: revocation endpoint

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: replace endpoints

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update requirements

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update tests

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: traction token exchanger

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: ws cors setting is a config option

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: clean up init in digital credential service

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* 18284: digital credentials (bcgov#2260)

* feat: devcontainer configuraton for vscode

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: issue credentials through Traction tenant

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: app initialization workflow

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use out-of-band invitation for connecting

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use v2.0 for issuing credential

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: web socket implmentation with flask-socketio

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: db migration script to enable revocation

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: revocation endpoint

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: replace endpoints

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update requirements

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update tests

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: traction token exchanger

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: ws cors setting is a config option

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: clean up init in digital credential service

Signed-off-by: Akiff Manji <amanji@petridish.dev>

---------

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: endpoints to reset credential offers

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: credential id lookup table

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: add business roles

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* 18284 Add pre-fork server hook to gunicorn config (bcgov#2285)

* chore: fix tests and linting

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix tests

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* 18284 feat: digital credentials (bcgov#2281)

* feat: devcontainer configuraton for vscode

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: issue credentials through Traction tenant

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: app initialization workflow

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use out-of-band invitation for connecting

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use v2.0 for issuing credential

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: web socket implmentation with flask-socketio

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: db migration script to enable revocation

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: revocation endpoint

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: replace endpoints

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update requirements

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update tests

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: traction token exchanger

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: ws cors setting is a config option

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: clean up init in digital credential service

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: endpoints to reset credential offers

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: credential id lookup table

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: add business roles

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix tests and linting

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix tests

Signed-off-by: Akiff Manji <amanji@petridish.dev>

---------

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: remove records from Traction on deletion

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* Revert "feat: web socket implmentation with flask-socketio"

This reverts commit 79a2631.

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* fix: port so it doesnt overlap with airplay server on OSX

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* Revert "fix: port so it doesnt overlap with airplay server on OSX"

This reverts commit 9763a17.

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: digital credentials (bcgov#2287)

* feat: devcontainer configuraton for vscode

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: hard code digital business card schema

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: issue credentials through Traction tenant

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: app initialization workflow

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use out-of-band invitation for connecting

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: use v2.0 for issuing credential

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: web socket implmentation with flask-socketio

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: db migration script to enable revocation

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: revocation endpoint

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: replace endpoints

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update requirements

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update tests

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: traction token exchanger

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: update workflow variables

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: ws cors setting is a config option

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix linting errors

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: clean up init in digital credential service

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: endpoints to reset credential offers

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: credential id lookup table

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* feat: add business roles

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix tests and linting

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* chore: fix tests

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* refactor: remove records from Traction on deletion

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* Revert "feat: web socket implmentation with flask-socketio"

This reverts commit 79a2631.

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* fix: port so it doesnt overlap with airplay server on OSX

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* Revert "fix: port so it doesnt overlap with airplay server on OSX"

This reverts commit 9763a17.

Signed-off-by: Akiff Manji <amanji@petridish.dev>

---------

Signed-off-by: Akiff Manji <amanji@petridish.dev>

* fix: improved token validation in traction auth decorator

Signed-off-by: Akiff Manji <amanji@petridish.dev>

---------

Signed-off-by: Akiff Manji <amanji@petridish.dev>
Co-authored-by: Argus Chiu <argus@highwaythreesolutions.com>

Loading branch information

amanji and argush3 committed Nov 15, 2023

1 parent 465bfe5 commit 784a352

legal-api/src/legal_api/decorators.py

-Original file line number
+Diff line change
@@ Expand Up / @@ -14,6 +14,7 @@ @@
 """This module holds function decorators."""
 import json
+from datetime import datetime
 from functools import wraps
 import jwt
@@ Expand Down Expand Up / @@ -43,7 +44,11 @@ def decorated_function(*args, **kwargs): @@
  if not hasattr(current_app, 'api_token'):
  raise jwt.ExpiredSignatureError
- jwt.decode(current_app.api_token, options={'verify_signature': False})
+ if not (decoded := jwt.decode(current_app.api_token, options={'verify_signature': False})):
+ raise jwt.ExpiredSignatureError
+ if datetime.utcfromtimestamp(decoded['exp']) <= datetime.utcnow():
+ raise jwt.ExpiredSignatureError
  except ExpiredSignatureError:
  current_app.logger.info('JWT token expired or is missing, requesting new token')
  response = requests.post(f'{traction_api_url}/multitenancy/tenant/{traction_tenant_id}/token',
@@ Expand Down @@

0 comments on commit `784a352`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `784a352`

Commit

There are no files selected for viewing

0 comments on commit 784a352

0 comments on commit `784a352`