From 424273360d29e910dd260f87199d405d59595823 Mon Sep 17 00:00:00 2001
From: Matthieu Lamalle
Date: Thu, 30 Jan 2020 15:46:18 +0100
Subject: [PATCH] verify audience in jwt
---
 src/risotto/http.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/src/risotto/http.py b/src/risotto/http.py
index f391530..ce4b86d 100644
--- a/src/risotto/http.py
+++ b/src/risotto/http.py
@@ -193,7 +193,6 @@ def gen_token(auth):
 'iss': issuer,
 'aud': audience
 }
-
 token = jwt.encode(payload, secret, algorithm='HS256')
 return token
@@ -210,8 +209,7 @@ def access_token(request):
 token = jwt.encode(decoded, secret, algorithm='HS256')
 return Response(text=str(token.decode('utf-8')))
 else:
- return HTTPUnauthorized(reason='Token could not be refreshed')
- return True
+ return HTTPUnauthorized(reason='Token could not be verified')
 def verify_token(token):
 secret = get_config()['jwt']['secret']
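Review bot: Nothing in the access_token hunk makes the decode step check the `aud` claim, although the subject is "verify audience in jwt". The only edits visible there are the reworded 401 reason and the removal of the trailing `return True`. The context line `token = jwt.encode(decoded, secret, algorithm='HS256')` re-signs whatever claims `decoded` holds, so a token minted for a different audience would be refreshed unless the decode rejected it first. If that check lives in verify_token, whose body starts on the hunk's last lines and continues outside it, confirm the call pins the algorithm, audience and issuer, e.g. `jwt.decode(token, secret, algorithms=['HS256'], audience=audience, issuer=issuer)`. access_token itself also begins above the hunk, so the decode that produces `decoded` is not visible here.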