def decode_token():
"""Decode the authorization token read from the request header."""
token = request.headers.get('Authorization')
if token is None:
return {}
if token.startswith('Bearer '):
_, token = token.split(' ', 1)
pub_key = fetch_public_key(current_app)
audiences = current_app.config.get('BAYESIAN_JWT_AUDIENCE').split(',')
for aud in audiences:
try:
decoded_token = jwt.decode(token, pub_key, audience=aud)
except jwt.InvalidTokenError:
current_app.logger.error('Auth Token could not be decoded for audience {}'.format(aud))
decoded_token = None
if decoded_token is not None:
break
if decoded_token is None:
raise jwt.InvalidTokenError('Auth token audience cannot be verified.')
return decoded_token
auth.py 文件源码
python
阅读 21
收藏 0
点赞 0
评论 0
评论列表
文章目录
