Skip to content

Commit

Permalink
Only transparently refresh JWT token when using JWT auth (#78)
Browse files Browse the repository at this point in the history 
As a follow-up to #76 and #77, only try to refresh a JWT token if using
JWT authentication in the first place (i.e. ‘jwt_url’ is set).
  • Loading branch information
@wbolster-eiq
wbolster-eiq authored Nov 18, 2020
1 parent cdc0c56 commit 2ee9669
Showing 1 changed file with 21 additions and 16 deletions.
37 changes: 21 additions & 16 deletions cabby/abstract.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,23 +183,28 @@ def _execute_request(self, request, uri=None, service_type=None):

session = self.prepare_generic_session()

if self.jwt_url and self.username and self.password:
if not self.jwt_token:
uses_jwt = self.jwt_url and self.username and self.password
if uses_jwt and not self.jwt_token:
self.refresh_jwt_token(session=session)

def do_request():
return dispatcher.send_taxii_request(
session,
self._prepare_url(uri),
request,
taxii_binding=self.taxii_binding,
timeout=self.timeout,
)

try:
return do_request()
except UnsuccessfulStatusError as exc:
if uses_jwt and exc.status == libtaxii.ST_UNAUTHORIZED:
# An authorization error may indicate JWT token expiry:
# transparently try to refresh it, then retry the request.
self.refresh_jwt_token(session=session)

for attempt in (1, 2):
try:
return dispatcher.send_taxii_request(
session,
self._prepare_url(uri),
request,
taxii_binding=self.taxii_binding,
timeout=self.timeout)
except UnsuccessfulStatusError as exc:
# Refresh the token once if authorization failed and retry
if attempt == 1 and exc.status == libtaxii.ST_UNAUTHORIZED:
self.refresh_jwt_token(session=session)
continue
return do_request()
else:
raise

def _generate_id(self):
Expand Down

0 comments on commit 2ee9669

Please sign in to comment.