Posted to commits@airavata.apache.org by ma...@apache.org on 2021/07/18 19:27:02 UTC
[airavata-django-portal] 02/04: Handle refresh token failure
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch staging
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
commit 5e515b7135b666751d3e33f4530c85f1f1be7a27
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Sun Jul 18 15:23:22 2021 -0400
Handle refresh token failure
---
django_airavata/apps/auth/backends.py | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/django_airavata/apps/auth/backends.py b/django_airavata/apps/auth/backends.py
index 349d4d2..91a9e7b 100644
--- a/django_airavata/apps/auth/backends.py
+++ b/django_airavata/apps/auth/backends.py
@@ -54,6 +54,8 @@ class KeycloakBackend(object):
logger.debug("Refreshing token...")
token, userinfo = \
self._get_token_and_userinfo_from_refresh_token(request)
+ if token is None: # refresh failed
+ return None
self._process_token(request, token)
# user is already logged in
user = request.user
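Review bot: The new `return None` after a failed refresh, here and in the identical guard in the next hunk, does not tell the reader what the caller must do next, and on this path the existing comment says the user is already logged in. If the refresh token is read from the session, as the `request`-only call suggests, the caller presumably has to end that session, or the same rejected token will be retried on later requests. A comment such as `# refresh failed: caller must treat the session as expired` would make that contract explicit. The enclosing method starts and ends outside the hunk.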
@@ -63,6 +65,8 @@ class KeycloakBackend(object):
token, userinfo = \
self._get_token_and_userinfo_from_refresh_token(
request, refresh_token=refresh_token)
+ if token is None: # refresh failed
+ return None
self._process_token(request, token)
user = self._process_userinfo(request, userinfo)
access_token = token['access_token']
@@ -161,12 +165,16 @@ class KeycloakBackend(object):
# refresh_token doesn't take client_secret kwarg, so create auth
# explicitly
auth = requests.auth.HTTPBasicAuth(client_id, client_secret)
- token = oauth2_session.refresh_token(token_url=token_url,
- refresh_token=refresh_token_,
- auth=auth,
- verify=verify)
- userinfo = oauth2_session.get(userinfo_url).json()
- return token, userinfo
+ try:
+ token = oauth2_session.refresh_token(token_url=token_url,
+ refresh_token=refresh_token_,
+ auth=auth,
+ verify=verify)
+ userinfo = oauth2_session.get(userinfo_url).json()
+ return token, userinfo
+ except InvalidGrantError as e:
+ logger.warning(f"Failed to refresh token {refresh_token_}: {e}")
+ return None, None
def _get_userinfo_from_token(self, request, token):
client_id = settings.KEYCLOAK_CLIENT_ID
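Review bot: The added `logger.warning` in the `except InvalidGrantError` branch writes the refresh token itself into the log, and a refresh token is a bearer credential that should not land in log files even when the server has just rejected it. Log the failure without the secret, e.g. `logger.warning("Failed to refresh token: %s", e)`. The hunk also shows no import for `InvalidGrantError`, and the commit's 14 insertions are all accounted for by the visible `+` lines, so confirm the name is already in scope in backends.py; otherwise the except clause raises NameError exactly when a refresh fails. Only `InvalidGrantError` is handled, so a network error or a non-JSON userinfo response still propagates out of this try block. The enclosing method begins outside the hunk.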