Add: disable aud check, for now

author: Lars Wirzenius <liw@liw.fi> 2017-09-28 13:39:02 +0300
committer: Lars Wirzenius <liw@liw.fi> 2017-09-28 13:39:02 +0300
commit: 51b2b9d79f701bdfb30bb464a32549bf637c7a87 (patch)
tree: 7d8bb1b32a1414f59a0a36a3ce821dcbb39b3fc8
parent: 2f4e47e2767f5b3dc52edf212ad484ed63a7cdc5 (diff)
download: apifw-51b2b9d79f701bdfb30bb464a32549bf637c7a87.tar.gz
2 files changed, 3 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 7a3f734..74f0c30 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@ This file summarizes changes between releases of `apifw`.
 Version 0.12+git, not yet released
 ----------------------------------
 
+* Disable JWT token audience check, for now. This is quick fix for
+  Qvarn.
 
 Version 0.12, released 2017-09-26
 ----------------------------------
diff --git a/apifw/token.py b/apifw/token.py
index 9e3df8e..d1e503c 100644
--- a/apifw/token.py
+++ b/apifw/token.py
@@ -31,4 +31,4 @@ def decode_token(token, key, audience):
     return jwt.decode(
         token,
         key=key.exportKey('OpenSSH'),
-        audience=audience)
+        audience=None, options={'verify_aud': False})
author	Lars Wirzenius <liw@liw.fi>	2017-09-28 13:39:02 +0300
committer	Lars Wirzenius <liw@liw.fi>	2017-09-28 13:39:02 +0300
commit	51b2b9d79f701bdfb30bb464a32549bf637c7a87 (patch)
tree	7d8bb1b32a1414f59a0a36a3ce821dcbb39b3fc8
parent	2f4e47e2767f5b3dc52edf212ad484ed63a7cdc5 (diff)
download	apifw-51b2b9d79f701bdfb30bb464a32549bf637c7a87.tar.gz