Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PR-3242 Improve handling of JWT bearer tokens #853

Merged
merged 2 commits into from
Jan 10, 2025
Merged

PR-3242 Improve handling of JWT bearer tokens #853

merged 2 commits into from
Jan 10, 2025

Conversation

reweeden
Copy link
Contributor

@reweeden reweeden commented Dec 26, 2024
edited
Loading

Replaces the old bearer token logic with updated handling for JWT bearer tokens. The user_id is extracted from the bearer token directly, eliminating 1 call to EDL, and then the token is used to fetch the user profile, simultaneously verifying the validity of the token and returning the profile information. That eliminates another EDL call for fetching an application bearer token.

TODO:

@reweeden reweeden force-pushed the rew/pr-3242-reduce-edl-calls branch 5 times, most recently from f12c953 to a1023e9 Compare January 9, 2025 19:34
@reweeden reweeden marked this pull request as ready for review January 9, 2025 20:16
gjclark
gjclark reviewed Jan 9, 2025
View reviewed changes
thin_egress_app/app.py
except EulaException as e:
log.warning("user has not accepted EULA")
status_code = 403
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be useful or possible to use http status forbidden from https://docs.python.org/3/library/http.html#http-status-codes?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be possible, I'm not sure it would be super useful. It would be nice to have the text names of the status codes, but then you'd lose the integer code information which is ultimately what matters.

Besides the debate over whether or not it should be changed, procedurally I would want to make a change like that in it's own PR since it would have to touch code all over TEA.

@reweeden reweeden force-pushed the rew/pr-3242-reduce-edl-calls branch from a1023e9 to 839daec Compare January 10, 2025 16:16
@reweeden reweeden force-pushed the rew/pr-3242-reduce-edl-calls branch from 839daec to 7cd5ebb Compare January 10, 2025 16:20
@reweeden reweeden force-pushed the rew/pr-3242-reduce-edl-calls branch from 7cd5ebb to c9ecccb Compare January 10, 2025 17:16
@reweeden reweeden force-pushed the rew/pr-3242-reduce-edl-calls branch from c9ecccb to d9e2af9 Compare January 10, 2025 18:09
@reweeden reweeden merged commit 3e03634 into devel Jan 10, 2025
11 of 12 checks passed
@reweeden reweeden deleted the rew/pr-3242-reduce-edl-calls branch January 10, 2025 18:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gjclark gjclark gjclark left review comments

@mckadesorensen mckadesorensen mckadesorensen approved these changes

@mattp0 mattp0 mattp0 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@reweeden @mattp0 @mckadesorensen @gjclark