changed the sub as cache key into token_string as sub might be the sa…

…me for multiple users
SUNET · Dec 20, 2024 · 34b63b2 · 34b63b2
1 parent 6c3b298
commit 34b63b2
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/src/cnaas_nms/tools/cache.py b/src/cnaas_nms/tools/cache.py
@@ -18,7 +18,7 @@ def get_token_info_from_cache(token: Token) -> Optional[dict]:
     """Check if the userinfo is in the cache to avoid multiple calls to the OIDC server"""
     try:
         with redis_session() as redis:  # type: ignore
-            cached_token_info = redis.hget(REDIS_OAUTH_TOKEN_INFO_KEY, token.decoded_token["sub"])
+            cached_token_info = redis.hget(REDIS_OAUTH_TOKEN_INFO_KEY, token.token_string)
             if cached_token_info:
                 return json.loads(cached_token_info)
     except RedisError as e:
@@ -33,7 +33,7 @@ def put_token_info_in_cache(token: Token, token_info) -> bool:
     try:
         with redis_session() as redis:  # type: ignore
             if "exp" in token.decoded_token:
-                redis.hsetnx(REDIS_OAUTH_TOKEN_INFO_KEY, token.decoded_token["sub"], token_info)
+                redis.hsetnx(REDIS_OAUTH_TOKEN_INFO_KEY, token.token_string, token_info)
                 # expire hash at access_token expiry time or 1 hour from now (whichever is sooner)
                 # Entire hash is expired, since redis does not support expiry on individual keys
                 expire_at = min(int(token.decoded_token["exp"]), int(time.time()) + 3600)