pierrejeambrun commented on code in PR #51657:
URL: https://github.com/apache/airflow/pull/51657#discussion_r2179544307
##########
providers/keycloak/src/airflow/providers/keycloak/auth_manager/routes/token.py:
##########
@@ -60,3 +64,23 @@ def create_token(body: TokenBody) -> TokenResponse:
token = get_auth_manager().generate_jwt(user)
return TokenResponse(access_token=token)
+
+
+@token_router.post(
+ "/refresh-token",
+ status_code=status.HTTP_200_OK,
+ responses=create_openapi_http_exception_doc([status.HTTP_400_BAD_REQUEST,
status.HTTP_401_UNAUTHORIZED]),
+)
+def refresh_token(user: GetUserDep) -> TokenResponse:
Review Comment:
I think that `GetUserDep` is validating claim and checking token validity. I
think that the dep will raise an error if the token is actually expired, which
is not what we want. (We still want to be able to hit that route with a valid
refresh token and an expired token)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
