Patch #1480: call get_POST_body once

The JWT validation update in PR 1480 contained a small error: by calling the function get_POST_body() twice, the content of the request was unavailable in the second call. This calls only once, but has the downside of requiring a specific set of keys in the json request data. Hence this might be fixed to be more flexible later, see comments in the PR.
2 years ago · a847df9e1d
1 changed files with 3 additions and 3 deletions
--- a/jmclient/jmclient/wallet_rpc.py
+++ b/jmclient/jmclient/wallet_rpc.py
@ -610,14 +610,14 @@ class JMWalletDaemon(Service):

            try:
                assert isinstance(request.content, BytesIO)
-                grant_type = self.get_POST_body(request, ["grant_type",])["grant_type"]
+                post_body = self.get_POST_body(request, ["grant_type", "refresh_token"])
+                grant_type = post_body["grant_type"]
                if grant_type not in {"refresh_token"}:
                    return _mkerr(
                        "unsupported_grant_type",
                        "The authorization grant type is not supported by the authorization server.",
                    )
-
-                token = self.get_POST_body(request, [grant_type])[grant_type]
+                token = post_body["refresh_token"]
            except:
                return _mkerr(
                    "invalid_request",