django/backends: Improve expired token handling (!22) · Merge requests · Platform / Development / swh-auth

Antoine Lambert requested to merge generated-differential-D5446-source into generated-differential-D5446-target Apr 07, 2021

I stumbled across that behavior when testing bearer tokens expiration from swh-web API tokens Web UI (swh-web!526 (closed)).

The first time a user sends an expired token previously used to perform authenticated Web API calls, Keycloak will return the following error message: "Offline session not active".

Keycloak will then remove the offline session from its database and future calls to a Web API with the expired token will return the following error message: "Offline user session not found".

So handle that error message too for indicating a token has expired.

Related to swh-web#3121 (closed)

Migrated from D5446 (view on Phabricator)

Silent mode is enabled

django/backends: Improve expired token handling

Merge request reports