This pull request addresses an issue in the codebase where the client_id was being verified against the aud claim, which was incorrect. The correct verification should be against the cid claim. This PR updates the code to verify the client_id against the cid claim and ensures the variable names in the code and tests reflect this correction.
Details
In the AccessTokenVerifier class, the verify_client_id method has been updated to verify the client_id against the cid claim instead of the aud claim.
The corresponding tests have been updated to use the correct variable names.
Reasons for the Change
The previous code was performing an incorrect verification of the client_id against the aud claim, which could lead to validation errors. This update ensures that the client_id is correctly verified against the cid claim, aligning with the intended functionality.
Checklist
[x] Code has been updated to verify client_id against the cid claim.
[x] Tests have been modified to use the updated variable names.
[x] Code and tests have been reviewed for correctness.
[x] No new linting or style violations introduced.
Changes Made
This pull request addresses an issue in the codebase where the
client_id
was being verified against theaud
claim, which was incorrect. The correct verification should be against thecid
claim. This PR updates the code to verify theclient_id
against thecid
claim and ensures the variable names in the code and tests reflect this correction.Details
AccessTokenVerifier
class, theverify_client_id
method has been updated to verify theclient_id
against thecid
claim instead of theaud
claim.Reasons for the Change
The previous code was performing an incorrect verification of the
client_id
against theaud
claim, which could lead to validation errors. This update ensures that theclient_id
is correctly verified against thecid
claim, aligning with the intended functionality.Checklist
client_id
against thecid
claim.Related Issues
None.
Additional Notes
No additional notes.