From 1895e210b08aed9a39425b805a02256a23ccdf41 Mon Sep 17 00:00:00 2001
From: vpsx <19900057+vpsx@users.noreply.github.com>
Date: Tue, 22 Jun 2021 10:27:44 -0500
Subject: [PATCH] chore(log-txn): Log txn from RAS access token

---
 fence/resources/openid/ras_oauth2.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/fence/resources/openid/ras_oauth2.py b/fence/resources/openid/ras_oauth2.py
index 305f9a02db..f7aacc5f8e 100644
--- a/fence/resources/openid/ras_oauth2.py
+++ b/fence/resources/openid/ras_oauth2.py
@@ -90,6 +90,14 @@ def get_user_id(self, code):
                 options={"verify_aud": False, "verify_at_hash": False},
             )
 
+            # Log txn in access token for RAS ISA compliance
+            at_claims = jose_jwt.decode(
+                token["access_token"], keys, options={"verify_aud": False}
+            )
+            self.logger.info(
+                "Received RAS access token with txn: {}".format(at_claims.get("txn"))
+            )
+
             username = None
             if userinfo.get("UserID"):
                 username = userinfo["UserID"]