From 46375eae43ba60bb631584194fc4e6103441d47b Mon Sep 17 00:00:00 2001
From: Carlos Villicana <carlosv@stokkur.is>
Date: Fri, 30 Aug 2024 07:12:45 -0600
Subject: [PATCH] PR Fixes

---
 src/auth.py | 37 +++++++++++++++++++++++--------------
 1 file changed, 23 insertions(+), 14 deletions(-)

diff --git a/src/auth.py b/src/auth.py
index 9f20e7f..f3f330a 100644
--- a/src/auth.py
+++ b/src/auth.py
@@ -16,9 +16,9 @@
 """
 
 from __future__ import annotations
-from functools import lru_cache
+from functools import cache, lru_cache
 
-from typing import Mapping, cast, Any, Optional, Dict
+from typing import Mapping, cast, Any, Optional, Dict, Tuple
 
 from datetime import UTC, datetime
 import logging
@@ -114,16 +114,25 @@ def rq_get(request: Request, key: str) -> str:
         return j.get(key, "")
     return ""
 
-def get_facebook_public_key():
-    # Get the public key from Facebook's JWKS endpoint
-    response = requests.get(FACEBOOK_JWT_ENDPOINT)
-    jwks = response.json()
-
-    # Extract the public key in PEM format
-    key_data = jwks['keys'][0]
-    public_key_pem = jwt.algorithms.RSAAlgorithm.from_jwk(key_data)
-    
-    return public_key_pem
+@cache
+def get_facebook_public_key() -> Optional[str]:
+    try:
+        # Get the public key from Facebook's JWKS endpoint
+        response = requests.get(FACEBOOK_JWT_ENDPOINT)
+        response.raise_for_status()  # Raise an error for bad status codes
+        jwks = response.json()
+
+        # Extract the public key in PEM format
+        key_data = jwks['keys'][0]
+        public_key_pem = jwt.algorithms.RSAAlgorithm.from_jwk(key_data)
+        
+        return public_key_pem  # Return the key and success status
+    except requests.exceptions.RequestException as e:
+        logging.error(f"An error occurred while fetching the public key: {e}")
+        return None  # Return None and failure status
+    except KeyError as e:
+        logging.error(f"Key error: {e}")
+        return None  # Return None and failure status
 
 def oauth2callback(request: Request) -> ResponseType:
     # Note that HTTP GETs to the /oauth2callback URL are handled in web.py,
@@ -340,7 +349,7 @@ def oauth_fb(request: Request) -> ResponseType:
     token = user.get("token", "")
 
     # Verify if this is a limited login (iOS only)
-    is_limited_login = rq.get("isLimitedLogin", False)
+    is_limited_login = rq.get_bool("isLimitedLogin", False)
     if is_limited_login:
         # Validate Limited Login token
         try:
@@ -371,7 +380,7 @@ def oauth_fb(request: Request) -> ResponseType:
         except jwt.InvalidTokenError:
             return (
                     jsonify(
-                        {"status": "invalid", "msg": "Invalid Facebook expired",}
+                        {"status": "invalid", "msg": "Invalid Facebook token",}
                     ), 
                     401,
                 )