-
Notifications
You must be signed in to change notification settings - Fork 375
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Warn about deprecations only if token decoding succeeds #600
Warn about deprecations only if token decoding succeeds #600
Conversation
3fa1014
to
13d0f0a
Compare
13d0f0a
to
af64e35
Compare
@jeremyevans If you have some spare time could you check out this attempt to warn about the upcoming stricter base64 decoding only if the token validation is a success. |
af64e35
to
d5dd4e5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't test this code, but reading it, it looks like if you rescue the exception, the warning won't be emitted then, but it will be emitted later, after the next attempt that does not raise in the same thread.
I'll submit a pull request for an alternative approach and get your thoughts about it.
You were right, the warnings leaked over to the next call of decode. Did a little adjustment to prevent that. |
My approach in #601 is simpler, does not mess with thread-local state, and uses uplevel to make it easier to find the underlying cause of the problem. It does require base64 decoding segments twice, but as most JWTs are small, I don't expect that should be a significant performance issue. However, either #601 or this PR will fix the problem, so I'm fine with either. |
@jeremyevans Thanks for your interest and insight on this one. I decided to go with this more complex and hacky version. Just to avoid doing something for every token decode that goes via that method. |
Description
This should fix the spammy deprecation warnings reported in #595
Checklist
Before the PR can be merged be sure the following are checked: