Skip to content

Having trouble with refresh tokens #569

New issue
New issue
Open
Open
Having trouble with refresh tokens#569
@rodericj

Description

@rodericj
rodericj
opened on Feb 25, 2025

I'm attempting to follow the instructions here: https://flask-jwt-extended.readthedocs.io/en/stable/refreshing_tokens.html for explicitly refreshing tokens.

I use:

 @app.before_request
    def beforeRequest():
         ...
         try
          ...
          except ExpiredSignatureError:
                abort(401, description="expired token")

to capture expired tokens.

On the client side I am able to respond to this error and I call a refresh

@loginNamespace.route("/refresh", methods=["POST"])
class Refresh(Resource):

    # We are using the `refresh=True` options in jwt_required to only allow
    # refresh tokens to access this route.
    @jwt_required(refresh=True, locations= ["headers"])
    def post(self):
        identity = get_jwt_identity()
        access_token = create_access_token(identity=identity)
        return {"access_token": access_token}, 200

per the documentation.

I use this new access_token in my subsequent request to the protected resource and I get a 500 error indicating that the token that I am using is not the correct format:

binascii.Error: Invalid base64-encoded string: number of data characters (369) cannot be 1 more than a multiple of 4

It is unclear to me what I am supposed to be doing with the new access token that is created. I suppose it is possible that the refresh token itself is expired, but I would have exited the creation of the new access token to fail.

thanks in advance.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions