Long-running transforms can lose their authentication #473
Description
For a long-running transformation we can get authentication errors, as seen from the backend:
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1484, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1469, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
File "/usr/local/lib/python3.10/site-packages/flask_restful/__init__.py", line 489, in wrapper
resp = resource(*args, **kwargs)
File "/usr/local/lib/python3.10/site-packages/flask/views.py", line 109, in view
return current_app.ensure_sync(self.dispatch_request)(**kwargs)
File "/usr/local/lib/python3.10/site-packages/flask_restful/__init__.py", line 604, in dispatch_request
resp = meth(*args, **kwargs)
File "/home/servicex/servicex_app/decorators.py", line 52, in inner
verify_jwt_in_request(locations=["headers"])
File "/usr/local/lib/python3.10/site-packages/flask_jwt_extended/view_decorators.py", line 94, in verify_jwt_in_request
jwt_data, jwt_header, jwt_location = _decode_jwt_from_request(
File "/usr/local/lib/python3.10/site-packages/flask_jwt_extended/view_decorators.py", line 340, in _decode_jwt_from_request
decoded_token = decode_token(encoded_token, csrf_token)
File "/usr/local/lib/python3.10/site-packages/flask_jwt_extended/utils.py", line 128, in decode_token
return jwt_manager._decode_jwt_from_config(encoded_token, csrf_value, allow_expired)
File "/usr/local/lib/python3.10/site-packages/flask_jwt_extended/jwt_manager.py", line 556, in _decode_jwt_from_config
return _decode_jwt(**kwargs, allow_expired=allow_expired)
File "/usr/local/lib/python3.10/site-packages/flask_jwt_extended/tokens.py", line 95, in _decode_jwt
decoded_token = jwt.decode(
File "/usr/local/lib/python3.10/site-packages/jwt/api_jwt.py", line 211, in decode
decoded = self.decode_complete(
File "/usr/local/lib/python3.10/site-packages/jwt/api_jwt.py", line 163, in decode_complete
self._validate_claims(
File "/usr/local/lib/python3.10/site-packages/jwt/api_jwt.py", line 249, in _validate_claims
self._validate_exp(payload, now, leeway)
File "/usr/local/lib/python3.10/site-packages/jwt/api_jwt.py", line 307, in _validate_exp
raise ExpiredSignatureError("Signature has expired")
jwt.exceptions.ExpiredSignatureError: Signature has expired
We should either re-auth under these conditions, or the server should send a redirect that does it automatically (not sure if that's possible?)
Metadata
Metadata
Assignees
Labels
No labels