Merge pull request #7 from wellcometrust/fix-test-url

Use correct audience value based on is_sandbox in JWT auth
wellcometrust · Oct 12, 2023 · 36e4893 · 36e4893
2 parents d5ecdc8 + 343dbd7
commit 36e4893
Showing 1 changed file with 3 additions and 5 deletions.
diff --git a/tap_salesforce/salesforce/__init__.py b/tap_salesforce/salesforce/__init__.py
@@ -335,11 +335,10 @@ def _make_request(self, http_method, url, headers=None, body=None, stream=False,
     def login(self):
         if self.is_sandbox:
             login_url = 'https://test.salesforce.com/services/oauth2/token'
+            sf_audience = 'https://test.salesforce.com'
         else:
             login_url = 'https://login.salesforce.com/services/oauth2/token'
-
-        #login_body = {'grant_type': 'refresh_token', 'client_id': self.sf_client_id,
-                     #'client_secret': self.sf_client_secret, 'refresh_token': self.refresh_token}
+            sf_audience = 'https://login.salesforce.com'
 
         private_key = None
         with open(self.sf_private_key, "r") as f:
@@ -354,11 +353,10 @@ def login(self):
         }
 
         # Set Salesforce JWT Payload
-        sf_aud = "https://test.salesforce.com"
         jwt_payload = {
             "iss": f"{self.sf_consumer_key}",
             "sub": f"{self.sf_user}",
-            "aud": f"{sf_aud}",
+            "aud": f"{sf_audience}",
             "exp":  f"{expiry}"
         }