ephraimbuddy commented on a change in pull request #14219:
URL: https://github.com/apache/airflow/pull/14219#discussion_r576281594
##########
File path: airflow/api_connexion/security.py
##########
@@ -14,24 +14,27 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-
from functools import wraps
from typing import Callable, Optional, Sequence, Tuple, TypeVar, cast
from flask import Response, current_app
from airflow.api_connexion.exceptions import PermissionDenied, Unauthenticated
+from airflow.api_connexion.webserver_auth import requires_authentication
T = TypeVar("T", bound=Callable) # pylint: disable=invalid-name
def check_authentication() -> None:
"""Checks that the request has valid authorization information."""
response = current_app.api_auth.requires_authentication(Response)()
- if response.status_code != 200:
+ jwt_response = requires_authentication(Response)()
Review comment:
I'm trying to figure out the best way to plug the jwt into the app. What
I did here was to try both auth_backend and jwt_response. I have updated the
failing path which made the auth_backend from 2.0.0/.1 unusable. Now both the
old auth and the new one works. The major problem now is that all
authentication failures now appear as 401. I'm still thinking around it because
it'll be good to tell the user that the token expired, invalid token or
malformed authorization code.
If you can check again to see that both now work. I also added a comment on
why error is not raised for expired token
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
