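def for_request(self, request, body=None):
    """Resolve the tenant that an incoming request belongs to.

    Lookup order:
      1. ``body['oauth_client_id']``, when a body carrying that key is given.
      2. A JWT in the ``signed_request`` query parameter.
      3. A JWT in an ``Authorization: JWT <token>`` header.

    Args:
        request: Request object exposing ``GET`` and ``META`` mappings.
        body: Optional mapping; only its ``oauth_client_id`` key is read.

    Returns:
        A ``(tenant, claims)`` tuple. ``claims`` is the payload returned by
        the verifying ``jwt.decode`` call, or an empty dict when the tenant
        was resolved from ``body``.

    Raises:
        BadTenantError: No token was supplied, the token was rejected, or no
            tenant matches the supplied identifier.
    """
    if body and 'oauth_client_id' in body:
        # NOTE(review): this branch returns a tenant on the strength of an id
        # in the body alone; no signature is checked here. Confirm that every
        # caller passes a body that was authenticated upstream.
        try:
            rv = Tenant.objects.get(pk=body['oauth_client_id'])
        except Tenant.DoesNotExist:
            # Assumes Tenant is a Django model, whose .get() raises on a miss
            # instead of returning None. Treat the miss like the None case so
            # the JWT lookup below still gets its chance.
            rv = None
        if rv is not None:
            return rv, {}

    jwt_data = request.GET.get('signed_request')
    if not jwt_data:
        header = request.META.get('HTTP_AUTHORIZATION', '')
        # Strip the 4-character 'JWT ' scheme prefix.
        jwt_data = header[4:] if header.startswith('JWT ') else None
    if not jwt_data:
        raise BadTenantError('Could not find JWT')

    try:
        # The unverified decode only selects which tenant's secret to check
        # against; nothing read from it is returned to the caller.
        oauth_id = jwt.decode(jwt_data, verify=False)['iss']
        client = Tenant.objects.get(pk=oauth_id)
        if client is not None:
            # The token is verified here with the tenant's secret.
            # NOTE(review): no algorithms= allow-list is passed; pin it to the
            # algorithm tenants actually sign with.
            data = jwt.decode(jwt_data, client.secret)
            return client, data
    except (jwt.exceptions.InvalidTokenError, KeyError, Tenant.DoesNotExist):
        # Fail closed with this module's own error for every rejection:
        # malformed or expired tokens and bad signatures (InvalidTokenError
        # is the base class of DecodeError), a missing 'iss' claim, or an
        # issuer that matches no tenant.
        pass
    raise BadTenantError('Could not find tenant')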