Skip to content

Commit

Permalink
Fix refresh token value when jwt-rotation enabled (#407)
Browse files Browse the repository at this point in the history 
Co-authored-by: Ami Mahloof <[email protected]>
  • Loading branch information
@guyp-descope @ami-descope
guyp-descope and ami-descope authored Sep 5, 2024
1 parent 80b1f4d commit 4b8d3fd
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions descope/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -505,13 +505,13 @@ def _generate_auth_info(
if st_jwt:
jwt_response[SESSION_TOKEN_NAME] = self._validate_token(st_jwt, audience)
rt_jwt = response_body.get("refreshJwt", "")
if refresh_token:
if rt_jwt:
jwt_response[REFRESH_SESSION_TOKEN_NAME] = self._validate_token(
refresh_token, audience
rt_jwt, audience
)
elif rt_jwt:
elif refresh_token:
jwt_response[REFRESH_SESSION_TOKEN_NAME] = self._validate_token(
rt_jwt, audience
refresh_token, audience
)

jwt_response = self.adjust_properties(jwt_response, user_jwt)
Expand Down Expand Up @@ -652,6 +652,9 @@ def refresh_session(
response = self.do_post(uri=uri, body={}, params=None, pswd=refresh_token)

resp = response.json()
refresh_token = (
response.cookies.get(REFRESH_SESSION_COOKIE_NAME, None) or refresh_token
)
return self.generate_jwt_response(resp, refresh_token, audience)

def validate_and_refresh_session(
Expand Down

0 comments on commit 4b8d3fd

Please sign in to comment.