Files
notifications-api/app/authentication
David McDonald 7246306447 Support multiple secrets for ADMIN_CLIENT_SECRETS
This will allow us to accept two different ones and therefore allow us
to rotate the secret that the admin client is sending to the API

Due to how the notifications-python-client throws exceptions, we run
into exactly the same issue with not being able to distinguish if a
`TokenDecodeError` is thrown because the token was encrypted with a
different secret key or if because there was a different error when
decoding. I've copied the TODO from `requires_auth` as this is exactly
the same issue.

I've also added a test case for functionality that was missing for an
out of date admin token (old IAT).
2020-02-20 13:47:39 +00:00
..
2016-01-14 14:28:23 +00:00