Commit
Resolve bugs noted in Beta deployment (#35)
# Description
Add default permissions for `users` to address serialization bug
Explicitly handle old refresh tokens which fail Pydantic validation

# Issues
Includes a change to default user permissions to mitigate a
serialization issue fixed in
NeonGeckoCom/neon-data-models#10

# Other Notes
<!-- Note any breaking changes, WIP changes, requests for input, etc.
here -->
NeonDaniel authored Dec 27, 2024
1 parent 108dfae commit 7681f46
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion neon_hana/auth/client_manager.py
Expand Up @@ -52,7 +52,8 @@
diana=AccessRoles.USER,
node=AccessRoles.USER,
hub=AccessRoles.USER,
llm=AccessRoles.USER)
llm=AccessRoles.USER,
users=AccessRoles.NONE)


class ClientManager:
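
Review bot: The new `users=AccessRoles.NONE` argument has no comment marking it as a workaround. The commit message describes it as a mitigation for a serialization issue fixed in NeonGeckoCom/neon-data-models#10, so a one-line comment beside the argument naming that upstream fix would tell a later reader why this field is set explicitly and when the explicit default can be dropped. Defaulting to `NONE` keeps the new field at the least-privileged value, unlike the `USER` defaults above it, which is worth preserving if the line is revisited.
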
Expand Down Expand Up @@ -274,6 +275,10 @@ def check_refresh_request(self, access_token: Optional[str],
except ExpiredSignatureError:
raise HTTPException(status_code=401,
detail="Refresh token is expired")
except ValidationError:
raise HTTPException(status_code=400,
detail=f"Invalid token data received from "
f"client: {client_id}.")
if refresh_data.jti != token_data.jti + ".refresh":
raise HTTPException(status_code=403,
detail="Refresh and access token mismatch")
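
Review bot: In the new `except ValidationError` branch, status 400 with "Invalid token data" gives a client holding an old-format refresh token no hint that it has to authenticate again, while the `ExpiredSignatureError` branch directly above answers 401 for the comparable case of a refresh token that is no longer usable. Consider returning 401 here too, or a detail that says re-authentication is required. Two smaller points: the first literal, `f"Invalid token data received from "`, has no placeholder and does not need the `f` prefix, and the exception is dropped without a log line or `from` chaining, so an old-format token and a malformed one will look the same when debugging. The commit adds no import for `ValidationError`, so it must already be imported in this module; confirm it is the Pydantic exception that the token model raises.
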