The recently cherry-picked CVE-2023-51663 fix (PR #323) included refactored code dependent on recent upstream code that was not cherry-picked. This caused:
{"severity":"ERROR","levelname":"ERROR","asctime":"2024-01-03 01:59:09,079","filename":"auth.py",
"funcNameAndLine":"callback:341","message":"oauth2 callback: could not fetch and verify token",
"exc_info":"Traceback (most recent call last):\n
File \"/usr/local/lib/python3.9/dist-packages/auth/auth.py\", line 335, in callback\n
flow_client = request.app[AppKeys.FLOW_CLIENT]\n
NameError: name 'AppKeys' is not defined",
"hail_log":1}
The recently cherry-picked CVE-2023-51663 fix (PR #323) included refactored code dependent on recent upstream code that was not cherry-picked. This caused:
Context: https://centrepopgen.slack.com/archives/C030X7WGFCL/p1704243108737559
Revert the affected line to use the previous literal string rather than the
AppKeysclass that does not yet exist on our branch.