Open robrap opened 1 year ago
Related, we have a New Relic dashboard with the chart "Token verification failed count (by app)":
SELECT count(*) FROM Log WHERE message = 'Token verification failed.' FACET entity.name SINCE 1 day ago TIMESERIES MAX
This is showing failures against discovery that seem to be from a bad actor, based on other research. We think someone might be calling twice with 2 tokens, one good and one bad, for each request. See https://onenr.io/0qwy8MrgGQn. Note that the failures are "unauthenticated", so we can see that these were JWT requests.
You can also see the log details, and see that there isn't enough to filter out known bad callers: https://onenr.io/0gR76X2L9wo
SELECT * FROM Log WHERE message = 'Token verification failed.' SINCE 1 day ago
Ideally we'd be able to filter out this data from the bad actor, but I'm not sure how. This may be a separate, but related ticket.
This ticket is for improving observability of errors during JWT decoding in our shared library. See https://github.com/openedx/edx-drf-extensions/blob/master/edx_rest_framework_extensions/auth/jwt/decoder.py#L67-L74
Acceptance Criteria:
Questions and notes:
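
An added example, not part of the original issue and not code from edx-drf-extensions: one way a decoder can attach a failure reason and groupable context to the 'Token verification failed.' log line discussed above, without logging the token itself. The standard-library HS256 check stands in for the library's real verification; `decode_with_context`, `make_token`, the logger name and the attribute names are hypothetical.

```python
import base64, hashlib, hmac, json, logging, time

log = logging.getLogger("jwt_decode_example")  # hypothetical logger name

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, key):
    """Build a constructed HS256 token for the sample run below."""
    body = _b64e(b'{"alg":"HS256","typ":"JWT"}') + "." + _b64e(json.dumps(claims).encode())
    return body + "." + _b64e(hmac.new(key, body.encode(), hashlib.sha256).digest())

def decode_with_context(token, key, now=None):
    """Return (claims, None) on success, else (None, context) after logging."""
    # Log a short hash, never the token: repeated bad tokens can then be grouped.
    context = {"token_sha256_prefix": hashlib.sha256(token.encode()).hexdigest()[:12]}
    reason = None
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64d(header_b64))
        claims = json.loads(_b64d(payload_b64))
        # Unverified, caller-controlled values: for grouping only, never for trust.
        context["unverified_alg"] = str(header.get("alg"))[:16]
        context["unverified_iss"] = str(claims.get("iss"))[:64]
        signed = f"{header_b64}.{payload_b64}".encode()
        expected = hmac.new(key, signed, hashlib.sha256).digest()
        if header.get("alg") != "HS256":
            reason = "unsupported_alg"
        elif not hmac.compare_digest(expected, _b64d(sig_b64)):
            reason = "bad_signature"
        elif claims.get("exp", 0) < (time.time() if now is None else now):
            reason = "expired"  # assumption: a missing exp is treated as expired
    except (ValueError, AttributeError, TypeError):
        reason = "malformed"
    if reason is None:
        return claims, None
    context["reason"] = reason
    # Same message text as before, so existing queries on it keep matching.
    log.warning("Token verification failed.", extra=context)
    return None, context

if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    key = b"constructed-test-key"  # constructed sample data
    good = make_token({"iss": "constructed-issuer", "exp": 2000}, key)
    for tok, k in [(good, key), (good, b"wrong-key"), ("x.y", key)]:
        print(decode_with_context(tok, k, now=1000))
```

Whether the `extra` fields arrive as queryable Log attributes depends on how the log forwarder is configured, which this page does not describe.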