Skip to content

Allow changing subject claim #66

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 13, 2017
Merged

Allow changing subject claim #66

merged 2 commits into from
Jul 13, 2017

Conversation

@psafont
Copy link
Contributor

@psafont psafont commented Jul 12, 2017

Changes which claim to validate and retrieve as 'identity', as a client.
Allows user to configure which is the claim through app.config.

Related to issue #65

@coveralls
Copy link

coveralls commented Jul 12, 2017
edited
Loading

Coverage Status

Coverage remained the same at 100.0% when pulling 68551ed on psafont:sub-decode into 17c3254 on vimalloc:master.

vimalloc
vimalloc reviewed Jul 12, 2017
View reviewed changes
flask_jwt_extended/tokens.py Outdated


def decode_jwt(encoded_token, secret, algorithm, csrf):
def decode_jwt(encoded_token, secret, algorithm, csrf, identity):
Copy link
Owner

@vimalloc vimalloc Jul 12, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we add this to the encode_refresh_token and encode_access_token too? I think the identity kwarg is already in use, so we could use something like identity_claim or something instead? In fact, maybe we should change this to identity_claim as well?

We will need to update the calls to encode_access_token and encode_refresh_token as well. I think those are only used in the jwt_manager.py.

vimalloc
vimalloc reviewed Jul 12, 2017
View reviewed changes
docs/options.rst
such as ``RS*`` or ``ES*``. PEM format expected.
``JWT_IDENTITY_CLAIM`` Claim in the tokens that is used on decoding as source of identity.
For interoperativity, the JWT RFC recommends using ``'sub'``.
Defaults to ``'identity'``.
Copy link
Owner

@vimalloc vimalloc Jul 12, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In conjunction with the comment below, lets remove the decoding from this, as it will be both encoding and
decoding.

@psafont psafont changed the title Allow changing subject claim when decoding Allow changing subject claim Jul 12, 2017
@coveralls
Copy link

coveralls commented Jul 12, 2017
edited
Loading

Coverage Status

Coverage remained the same at 100.0% when pulling f8d83f2 on psafont:sub-decode into 17c3254 on vimalloc:master.

@vimalloc vimalloc merged commit 64ec456 into vimalloc:master Jul 13, 2017
@psafont psafont deleted the sub-decode branch July 13, 2017 08:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vimalloc vimalloc vimalloc left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@psafont @coveralls @vimalloc