Skip to content

Commit b3dc4b2

Browse files
BenjaminPelletierBenjaminPelletier
authored
[security] Update pyjwt, pyopenssl, pyasn1 (#1397)
1 parent 6d97468 commit b3dc4b2

File tree

2 files changed

+11
-14
lines changed

2 files changed

+11
-14
lines changed

monitoring/monitorlib/auth_validation.py

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,6 @@
1111
class Authorization(NamedTuple):
1212
client_id: str
1313
scopes: list[str]
14-
issuer: str
1514

1615

1716
class InvalidScopeError(Exception):
@@ -99,6 +98,7 @@ def wrapper(*args, **kwargs):
9998
client_id = (
10099
r["client_id"] if "client_id" in r else r.get("sub", None)
101100
)
101+
assert isinstance(client_id, str)
102102
except jwt.ImmatureSignatureError:
103103
raise InvalidAccessTokenError("Access token is immature.")
104104
except jwt.ExpiredSignatureError:
@@ -113,10 +113,7 @@ def wrapper(*args, **kwargs):
113113
raise InvalidAccessTokenError(
114114
f"Unexpected InvalidTokenError: {str(e)}"
115115
)
116-
issuer = r.get("iss", None)
117-
flask.request.jwt = Authorization(
118-
client_id, provided_scopes, issuer
119-
)
116+
flask.request.jwt = Authorization(client_id, provided_scopes)
120117

121118
return fn(*args, **kwargs)
122119

uv.lock

Lines changed: 9 additions & 9 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)