fix: pass tenant through token revoked check

team-alembic · Feb 17, 2025 · 19f3675 · 19f3675
1 parent 2920ac4
commit 19f3675
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/lib/ash_authentication/token_resource/is_revoked.ex b/lib/ash_authentication/token_resource/is_revoked.ex
@@ -7,12 +7,13 @@ defmodule AshAuthentication.TokenResource.IsRevoked do
   alias AshAuthentication.{Errors.InvalidToken, Jwt}
 
   @impl true
-  def run(%{resource: resource, arguments: %{jti: jti}}, _, _) when is_binary(jti) do
+  def run(%{resource: resource, arguments: %{jti: jti}}, _, context) when is_binary(jti) do
     resource
     |> Ash.Query.do_filter(purpose: "revocation", jti: jti)
     |> Ash.Query.set_context(%{
       private: %{ash_authentication?: true}
     })
+    |> Ash.Query.set_tenant(context.tenant)
     |> Ash.exists()
   end