Skip to content

Commit

Permalink
Patch #1480: call get_POST_body once
Browse files Browse the repository at this point in the history
The JWT validation update in PR 1480 contained a small error: by calling
the function get_POST_body() twice, the content of the request was
unavailable in the second call. This calls only once, but has the
downside of requiring a specific set of keys in the json request data.
Hence this might be fixed to be more flexible later, see comments in the
PR.
  • Loading branch information
AdamISZ committed Sep 4, 2023
1 parent 6e6e68b commit a847df9
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions jmclient/jmclient/wallet_rpc.py
Original file line number Diff line number Diff line change
Expand Up @@ -610,14 +610,14 @@ def _mkerr(err, description=""):

try:
assert isinstance(request.content, BytesIO)
grant_type = self.get_POST_body(request, ["grant_type",])["grant_type"]
post_body = self.get_POST_body(request, ["grant_type", "refresh_token"])
grant_type = post_body["grant_type"]
if grant_type not in {"refresh_token"}:
return _mkerr(
"unsupported_grant_type",
"The authorization grant type is not supported by the authorization server.",
)

token = self.get_POST_body(request, [grant_type])[grant_type]
token = post_body["refresh_token"]
except:
return _mkerr(
"invalid_request",
Expand Down

0 comments on commit a847df9

Please sign in to comment.