feat: remove auth origin comparison from jwt validation

passageidentity · Dec 23, 2024 · 58b1bad · 58b1bad
1 parent 4c206d6
commit 58b1bad
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 44 deletions.
diff --git a/passageidentity/auth.py b/passageidentity/auth.py
@@ -7,7 +7,6 @@
 import jwt as pyjwt
 
 from passageidentity.errors import PassageError
-from passageidentity.helper import fetch_app
 from passageidentity.models.magic_link_args import MagicLinkWithEmailArgs, MagicLinkWithPhoneArgs, MagicLinkWithUserArgs
 from passageidentity.openapi_client.api.magic_links_api import MagicLinksApi
 from passageidentity.openapi_client.exceptions import ApiException
@@ -32,7 +31,6 @@ def __init__(self, app_id: str, request_headers: dict[str, str]) -> None:
             # must set a user agent to avoid 403 from CF
             headers={"User-Agent": "passageidentity/python"},
         )
-        self.app = fetch_app(self.app_id)
 
         self.magic_links_api = MagicLinksApi()
 
@@ -48,7 +46,7 @@ def validate_jwt(self, jwt: str) -> str:
             claims = pyjwt.decode(
                 jwt,
                 public_key,
-                audience=[self.app_id] if self.app["hosted"] else self.app["auth_origin"],
+                audience=self.app_id,
                 algorithms=["RS256"],
             )
 

diff --git a/passageidentity/helper.py b/passageidentity/helper.py
diff --git a/passageidentity/requests.py b/passageidentity/requests.py