Skip to content

Fix/token decode issue #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
brettchaldecott merged 5 commits into from
Mar 14, 2025
Merged

Fix/token decode issue #54

Changes from 4 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
d2c0dc6
fix: corrected an error with the user details decode
Mar 14, 2025
3e14511
fix: fixed the logic in the is_authenticated_token to return correctly
Mar 14, 2025
7c7c59a
fix: fixed the decode logic to check for string first
Mar 14, 2025
be87772
fix: fixed the decode logic to check type to see if decode is required
Mar 14, 2025
77b4589
fix: removed semicolon
Mar 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 19 additions & 24 deletions kinde_sdk/kinde_api_client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,8 @@ def is_authenticated(self) -> bool:
def is_authenticated_token(self, token_value: dict) -> dict:
if token_value:
if token_value.is_expired():
return self._refresh_token_value(token_value)
self._refresh_token_value(token_value)
return True
return None

def create_org(self) -> str:
Expand Down Expand Up @@ -335,32 +336,26 @@ def _decode_token_if_needed(self, token_name: str) -> None:
raise KindeTokenException(f"Token {token_name} doesn't exist.")

def _decode_token_if_needed_value(self, token_name: str, token_value: dict) -> dict:
if token_name not in token_value:
if not token_value:
raise KindeTokenException(
"Access token doesn't exist.\n"
"When grant_type is CLIENT_CREDENTIALS use fetch_token().\n"
'For other grant_type use "get_login_url()" or "get_register_url()".'
)
token = token_value.get(token_name)
token = token_value.get(token_name)

signing_key = self.jwks_client.get_signing_key_from_jwt(token)
if not isinstance(token, str):
return token_value

if token:
decode_token_params = {
"jwt":token,
"key": signing_key.key,
"algorithms":["RS256"],
"options":{
"verify_signature": True,
"verify_exp": True,
"verify_aud": False
}
signing_key = self.jwks_client.get_signing_key_from_jwt(token)
if signing_key:
decode_token_params = {
"jwt":token,
"key": signing_key.key,
"algorithms":["RS256"],
"options":{
"verify_signature": True,
"verify_exp": True,
"verify_aud": False
}
return jwt.decode(**decode_token_params)
else:
raise KindeTokenException(f"Token {token_name} doesn't exist.")
return token_value
}
return {token_name: jwt.decode(**decode_token_params)};
else:
raise KindeTokenException(f"Token {token_name} doesn't exist.")

def fetch_token(self, authorization_response: Optional[str] = None) -> None:
if self.grant_type == GrantType.CLIENT_CREDENTIALS:
Expand Down