Verified Commit ad4422b2 authored by Arthur Conrozier's avatar Arthur Conrozier

expired id

parent b1408368
1 merge request!1Updating main
......@@ -167,15 +167,28 @@ def getLoginUrl(state, nonce):
def decodeIdToken(id_token, nonce):
try:
# Verify token signature
decoded_id_token = jwt.decode(
id_token, PUBLIC_KEY, algorithms=["RS256"], audience=CLIENT_ID
)
except jwt.ExpiredSignatureError:
return 'Token expired', 401
except jwt.InvalidAudienceError:
return 'Invalid audience', 401
except jwt.InvalidIssuerError:
return 'Invalid issuer', 401
except jwt.InvalidSignatureError:
return 'Invalid signature', 401
except:
return 'Invalid token', 401
# Verify nonce to prevent replay attacks
if decoded_id_token.get("nonce") != nonce:
return
print(decoded_id_token)
return decoded_id_token
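Review bot: The `except jwt.InvalidIssuerError` branch in decodeIdToken cannot fire, because the `jwt.decode(...)` call passes `audience=CLIENT_ID` but no `issuer=`, and PyJWT only compares the `iss` claim when an expected issuer is supplied, so the token's issuer is not validated here. Pass the identity provider's issuer, e.g. `issuer=EXPECTED_ISSUER` (a placeholder name; the page shows no such constant). The failure paths return a `(message, 401)` tuple, which is truthy, while the nonce mismatch returns a bare `None` and success returns the claims dict; a caller that only tests the result for truthiness would treat an error tuple as valid claims (callers are outside this view, so that is inferred), and raising a single exception type or returning `None` on every failure would remove the ambiguity. The bare `except:` also swallows unrelated errors and would be safer as `except jwt.InvalidTokenError:`, and `print(decoded_id_token)` writes the user's claims to stdout. The page has lost its `+`/`-` markers, so these points apply to the function as displayed rather than to specific added lines.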
......