Fixes to get token revoke working

vimalloc · vimalloc · commit 555e36c3a02c · 2016-09-18T16:58:16.000-06:00
diff --git a/flask_jwt_extended/app.py b/flask_jwt_extended/app.py
@@ -136,8 +136,10 @@ def revoke_jwt(jti):
 
     if revoke:
         revoke_token(jti)
+        return jsonify({"msg": "Token successfully revoked"})
     else:
         unrevoke_token(jti)
+        return jsonify({"msg": "Token successfully unrevoked"})
 
 
 # Endpoint for generating a non-fresh access token from the refresh token
diff --git a/flask_jwt_extended/utils.py b/flask_jwt_extended/utils.py
@@ -190,14 +190,15 @@ def _check_blacklist(token):
 
     # Only check access tokens if BLACKLIST_TOKEN_CHECKS is set to 'all`
     if token_type == 'access' and _blacklist_checks() == 'all':
-        stored_data = json.loads(store.get(jti))
-        if stored_data['revoked'] != 'active':
+
+        stored_data = json.loads(store.get(jti).decode('utf-8'))
+        if stored_data['revoked']:
             raise RevokedTokenError('Token has been revoked')
 
     # Always check refresh tokens
     if token_type == 'refresh':
-        stored_data = json.loads(store.get(jti))
-        if stored_data['revoked'] != 'active':
+        stored_data = json.loads(store.get(jti).decode('utf-8'))
+        if stored_data['revoked']:
             raise RevokedTokenError('Token has been revoked')
 
 
@@ -330,7 +331,7 @@ def get_stored_tokens():
         raise RuntimeError("Blacklist must be enabled to list tokens")
 
     store = _get_blacklist_store()
-    return [json.loads(store.get(jti)) for jti in store.iter_keys()]
+    return [json.loads(store.get(jti).decode('utf-8')) for jti in store.iter_keys()]
 
 
 def _update_token(jti, revoked):
@@ -339,15 +340,16 @@ def _update_token(jti, revoked):
 
     store = _get_blacklist_store()
     try:
-        token = store.get(jti)
+        stored_data = json.loads(store.get(jti).decode('utf-8'))
+        token = stored_data['token']
         _store_token(token, revoked)
     except KeyError:
         # Token does not exist in the store. Could have been automatically
         # removed from the store via ttl expiring # (in case of redis or
         # memcached), or could have never been in the store, which probably
         # indicates a bug in the callers code.
         # TODO should this raise an error? Or silently return?
-        return
+        raise
 
 
 def revoke_token(jti):
@@ -366,7 +368,7 @@ def _get_secret_key():
 
 
 def _blacklist_enabled():
-    return current_app.config.get('JWT_BLACKLIST', BLACKLIST_ENABLED)
+    return current_app.config.get('JWT_BLACKLIST_ENABLED', BLACKLIST_ENABLED)
 
 
 def _get_blacklist_store():
@@ -417,13 +419,13 @@ def _store_token(token, revoked):
         'token': token,
         'last_used': _utc_datetime_to_ts(datetime.datetime.utcnow()),
         'revoked': revoked
-    })
+    }).encode('utf-8')
 
     store = _get_blacklist_store()
     if _store_supports_ttl(store):
         # Add 15 minutes to token ttl to account for possible time drift
         ttl = _get_token_ttl(token) + datetime.timedelta(minutes=15)
         ttl_secs = ttl.total_seconds()
-        store.put(key=token['jti'], value=data_to_store, ttl_secs=ttl_secs)
+        store.put(token['jti'], data_to_store, ttl_secs=ttl_secs)
     else:
-        store.put(key=token['jti'], value=data_to_store)
+        store.put(token['jti'], data_to_store)
