Make sure the check_authenticated_session method validates the token (#52)

green-sh · web-flow · commit a03126163515 · 2025-10-05T11:53:08.000+03:00
* Update auth.py

Make sure the check_authenticated_session method validates the token

added import of TokenStatus
diff --git a/fastapi_msal/auth.py b/fastapi_msal/auth.py
@@ -7,6 +7,7 @@
 from fastapi_msal.core import MSALClientConfig, OptStr
 from fastapi_msal.models import AuthToken, BearerToken, IDTokenClaims
 from fastapi_msal.security import MSALAuthCodeHandler, MSALScheme
+from fastapi_msal.models.id_token_claims import TokenStatus
 
 
 class MSALAuthorization:
@@ -92,7 +93,7 @@ async def check_authenticated_session(self, request: Request) -> bool:
         auth_token: Optional[AuthToken] = await self.get_session_token(request)
         if auth_token:
             token_claims: Optional[IDTokenClaims] = await self.handler.parse_id_token(token=auth_token)
-            if token_claims and token_claims.validate_token():
+            if token_claims and token_claims.validate_token() == TokenStatus.VALID:
                 return True
         return False
 
