Middleware to allow authorization using Keycloak and Django for django-rest-framework (DRF). This package should only be used in projects starting from scratch, since it overrides the users' management.
MIT License
32 stars, 14 forks
Fix _is_client_token_timed_out for timed out tokens exceeding grace period #11
The check if the client token is timed out is broken. None is returned when trying to decode an expired token. However, the function _is_client_token_timed_out still tries to access the expiry (exp) and issued at time (iat). This causes a TypeError as None is not subscriptable.
A fix would be to return true to the expired check if the decoding of the token returns None.
The error happens at django_keycloak/keycloak.py:337
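The failure mode reported in this issue and a fail-closed version of the check, as an added example that is not code from the django_keycloak project. `make_token`, `decode_token`, the HS256 demo key and the grace-period arithmetic are hypothetical stand-ins; only the behaviour "decoding an expired token returns None" is taken from the issue.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret
GRACE = 30                     # seconds; hypothetical grace period

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=")

def _sign(head, body):
    return _b64(hmac.new(KEY, head + b"." + body, hashlib.sha256).digest())

def make_token(iat, exp):
    """Build a constructed HS256 sample token carrying only iat and exp."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps({"iat": iat, "exp": exp}).encode())
    return b".".join([head, body, _sign(head, body)]).decode()

def decode_token(token, now):
    """Stand-in decoder: returns None for a malformed, tampered or expired
    token, which is the behaviour the issue describes for expired tokens."""
    try:
        head, body, sig = token.encode().split(b".")
        if not hmac.compare_digest(sig, _sign(head, body)):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body + b"=" * (-len(body) % 4)))
    except ValueError:
        return None
    return claims if claims["exp"] > now else None

def is_timed_out_broken(token, now):
    """Shape of the reported bug: subscripts the decode result unchecked."""
    claims = decode_token(token, now)
    lifetime = claims["exp"] - claims["iat"]  # TypeError when claims is None
    return now - claims["iat"] >= lifetime - GRACE

def is_timed_out_fixed(token, now):
    """Fail closed: an undecodable or expired token counts as timed out."""
    claims = decode_token(token, now)
    if claims is None:
        return True
    lifetime = claims["exp"] - claims["iat"]
    return now - claims["iat"] >= lifetime - GRACE
```

Treating None as "timed out" also covers tampered or malformed tokens, so the caller requests a new token instead of crashing or reusing an unverifiable one.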