After restarting the proxy, the consent screen could enter a loop. This happened because we were caching an unsuccessful attempt at verifying membership. This PR fixes this behaviour by only caching successful results.
Improvements:
After restarting the proxy, users presenting a valid JWT would still be required to go to the consent screen so that membership verification can be successful. The new JWT_REQUIRES_MEMBERSHIP_VERIFICATION environment variable can be set to false to "blindly trust" valid tokens. Disabling this option makes the proxy less secure.
This PR introduces a bugfix and two improvements:
Bugfixes:
Improvements:
JWT_REQUIRES_MEMBERSHIP_VERIFICATIONenvironment variable can be set tofalseto "blindly trust" valid tokens. Disabling this option makes the proxy less secure.