Skip to content

Commit

Permalink
allow overriding the guest token PyJWT instance (apache#19293)
Browse files Browse the repository at this point in the history
(cherry picked from commit f9feb1b)
  • Loading branch information
suddjian authored and sadpandajoe committed Mar 31, 2022
1 parent c32ddb1 commit 5db4cfe
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions superset/security/manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@
Union,
)

import jwt
from flask import current_app, Flask, g, Request
from flask_appbuilder import Model
from flask_appbuilder.models.sqla.interface import SQLAInterface
Expand All @@ -54,6 +53,7 @@
)
from flask_appbuilder.widgets import ListWidget
from flask_login import AnonymousUserMixin, LoginManager
from jwt.api_jwt import _jwt_global_obj
from sqlalchemy import and_, or_
from sqlalchemy.engine.base import Connection
from sqlalchemy.orm import Session
Expand Down Expand Up @@ -238,6 +238,7 @@ class SupersetSecurityManager( # pylint: disable=too-many-public-methods
)

guest_user_cls = GuestUser
pyjwt_for_guest_token = _jwt_global_obj

def create_login_manager(self, app: Flask) -> LoginManager:
lm = super().create_login_manager(app)
Expand Down Expand Up @@ -1345,7 +1346,7 @@ def create_guest_access_token(
"aud": audience,
"type": "guest",
}
token = jwt.encode(claims, secret, algorithm=algo)
token = self.pyjwt_for_guest_token.encode(claims, secret, algorithm=algo)
return token

def get_guest_user_from_request(self, req: Request) -> Optional[GuestUser]:
Expand Down Expand Up @@ -1393,7 +1394,9 @@ def parse_jwt_guest_token(self, raw_token: str) -> Dict[str, Any]:
secret = current_app.config["GUEST_TOKEN_JWT_SECRET"]
algo = current_app.config["GUEST_TOKEN_JWT_ALGO"]
audience = self._get_guest_token_jwt_audience()
return jwt.decode(raw_token, secret, algorithms=[algo], audience=audience)
return self.pyjwt_for_guest_token.decode(
raw_token, secret, algorithms=[algo], audience=audience
)

@staticmethod
def is_guest_user(user: Optional[Any] = None) -> bool:
Expand Down

0 comments on commit 5db4cfe

Please sign in to comment.