summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS2
-rw-r--r--apifw/token.py2
2 files changed, 3 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 7a3f734..74f0c30 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@ This file summarizes changes between releases of `apifw`.
Version 0.12+git, not yet released
----------------------------------
+* Disable JWT token audience check, for now. This is quick fix for
+ Qvarn.
Version 0.12, released 2017-09-26
----------------------------------
diff --git a/apifw/token.py b/apifw/token.py
index 9e3df8e..d1e503c 100644
--- a/apifw/token.py
+++ b/apifw/token.py
@@ -31,4 +31,4 @@ def decode_token(token, key, audience):
return jwt.decode(
token,
key=key.exportKey('OpenSSH'),
- audience=audience)
+ audience=None, options={'verify_aud': False})
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-05 19:28:49 +0000