This pull request addresses an issue in the codebase where the client_id was being verified against the aud claim, which was incorrect. The correct verification should be against the cid claim. This PR updates the code to verify the client_id against the cid claim and ensures the variable names in the code and tests reflect this correction.
Details
In the AccessTokenVerifier class, the verify_client_id method has been updated to verify the client_id against the cid claim instead of the aud claim.
The corresponding tests have been updated to use the correct variable names.
Reasons for the Change
The previous code was performing an incorrect verification of the client_id against the aud claim, which could lead to validation errors. This update ensures that the client_id is correctly verified against the cid claim, aligning with the intended functionality.
Checklist
[x] Code has been updated to verify client_id against the cid claim.
[x] Tests have been modified to use the updated variable names.
[x] Code and tests have been reviewed for correctness.
[x] No new linting or style violations introduced.
Changes Made
This pull request addresses an issue in the codebase where the
client_idwas being verified against theaudclaim, which was incorrect. The correct verification should be against thecidclaim. This PR updates the code to verify theclient_idagainst thecidclaim and ensures the variable names in the code and tests reflect this correction.Details
AccessTokenVerifierclass, theverify_client_idmethod has been updated to verify theclient_idagainst thecidclaim instead of theaudclaim.Reasons for the Change
The previous code was performing an incorrect verification of the
client_idagainst theaudclaim, which could lead to validation errors. This update ensures that theclient_idis correctly verified against thecidclaim, aligning with the intended functionality.Checklist
client_idagainst thecidclaim.Related Issues
None.
Additional Notes
No additional notes.