def decode_token()

in lib/tenants/src/dependency.py [0:0]

• 26 lines of code
• 8 McCabe index (conditional complexity)

    def decode_token(self, token: str) -> TenantData:
        decoded: Dict[str, Any] = {}
        logger.debug("Decoding token with algorithm %s", self.algorithm)
        if self.algorithm == SupportedAlgorithms.HS256:
            decoded = self.decode_hs256(token)
        elif self.algorithm == SupportedAlgorithms.RS256:
            decoded = self.decode_rs256(token)

        sub = decoded.get("sub")
        realm_access = decoded.get("realm_access")
        roles = False
        if realm_access:
            roles = realm_access.get("roles")
        tenants = decoded.get("tenants", [])

        if decoded.get("clientId") == "pipelines":
            return TenantData(
                token=token, user_id=sub, roles=roles, tenants=tenants
            )

        if not (sub and roles and tenants):
            logger.debug("Sub %s, roles: %s, tenants: %s", sub, roles, tenants)
            raise HTTPException(
                status_code=status.HTTP_403_FORBIDDEN,
                detail="Wrong data provided in jwt!",
            )

        return TenantData(
            token=token, user_id=sub, roles=roles, tenants=tenants
        )