search

Vonage / vonage-python-sdk

Vonage Server SDK for Python. API support for Voice, SMS, WhatsApp, Verify (2FA), Video Meetings and more.
https://developer.vonage.com
Apache License 2.0
192 stars 118 forks source link

Regression in JWT auth headers in v3.0.0 #223

Closed SMadani closed 2 years ago

SMadani commented 2 years ago

In v2.8.0, requests requiring JWT authentication would call the parse method like so: 

  return self.parse(
      self.api_host(),
      self.session.post(uri, json=params, headers=self._headers()),
  )

Note how the headers parameter is set by calling the headers() method on the client class. This method regenerates the JWT every time, so that the time-sensitive components are appropriate for the request. In v3.0.0, the new _add_jwt_to_request_headers method is used. This uses a cached JWT, which appears to be set globally on the client on initialisation. Consequently, when the token expires users must create a new client instance. Original issue reported (see JIRA ticket):

To reproduce: client = Client(application_id=nx_application_id, private_key=nx_private_key) voice = Voice(client)

resp = voice.get_calls() or resp = client.voice.get_calls()

Will work at the beginning, but after a few minutes (60s????) if you run .get_calls you will get error:

vonage.errors.AuthenticationError: Check you're using a valid authentication method for the API you want to use

refresh jwt manually:

client.auth()
resp = voice.get_calls()

or 

resp = client.voice.get_calls()

both will work again for a short time.

maxkahan commented 2 years ago

Thanks for bringing this to my attention Sina, I will fix this week

maxkahan commented 2 years ago

Fixed in #225, v3.0.1 patch release has now been made that fixes this behaviour.