From 51b2b9d79f701bdfb30bb464a32549bf637c7a87 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Thu, 28 Sep 2017 13:39:02 +0300
Subject: Add: disable aud check, for now

---
 NEWS           | 2 ++
 apifw/token.py | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index 7a3f734..74f0c30 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@ This file summarizes changes between releases of `apifw`.
 Version 0.12+git, not yet released
 ----------------------------------
 
+* Disable JWT token audience check, for now. This is quick fix for
+  Qvarn.
 
 Version 0.12, released 2017-09-26
 ----------------------------------
diff --git a/apifw/token.py b/apifw/token.py
index 9e3df8e..d1e503c 100644
--- a/apifw/token.py
+++ b/apifw/token.py
@@ -31,4 +31,4 @@ def decode_token(token, key, audience):
     return jwt.decode(
         token,
         key=key.exportKey('OpenSSH'),
-        audience=audience)
+        audience=None, options={'verify_aud': False})
-- 
cgit v1.2.1