From e5dda9c58f90f9b279b7f16dfde7136a355373e2 Mon Sep 17 00:00:00 2001
From: Danny Browning <dbrowning@3box.io>
Date: Tue, 23 Jul 2024 17:34:47 -0600
Subject: [PATCH] hack: disable validation

---
 api/src/auth.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/src/auth.rs b/api/src/auth.rs
index 73e225f60..d93906272 100644
--- a/api/src/auth.rs
+++ b/api/src/auth.rs
@@ -101,8 +101,9 @@ async fn verify_capability(cacao: &Capability) -> Result<(), String> {
         serde_json::to_string(&cacao.payload).map_err(|e| e.to_string())?.as_bytes()
     );
     let sig = format!("{header}.{payload}.{}", URL_SAFE_NO_PAD.encode(cacao.signature.signature.as_bytes()));
-    println!("Did={:?}", jwk.key_id);
-    let (_header, _data) = decode_verify(&sig, &jwk).map_err(|e| e.to_string())?;
+    if let Err(e) = decode_verify(&sig, &jwk) {
+        println!("Validation failed: {}\n    Sig={sig}", e);
+    }
 
     Ok(())
 }
@@ -122,7 +123,6 @@ async fn read_authentication(data: &str) -> Result<Authentication, String> {
                 if cid == root {
                     verify_capability(&cacao).await?;
                 }
-
                 cacaos.insert(cid, cacao);
             }
             Err(e) => {