Revert "Changed authentication to be required (#669)" (#670)

This reverts commit 4f7789c.
permitio · Sep 26, 2024 · 3e80964 · 3e80964
1 parent 4f7789c
commit 3e80964
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 6 deletions.
diff --git a/packages/opal-common/opal_common/authentication/deps.py b/packages/opal-common/opal_common/authentication/deps.py
@@ -30,7 +30,7 @@ def verify_logged_in(verifier: JWTVerifier, token: Optional[str]) -> JWTClaims:
     try:
         if not verifier.enabled:
             logger.debug("JWT verification disabled, cannot verify requests!")
-            raise Unauthorized(description="JWT verification is disabled")
+            return {}
         if token is None:
             raise Unauthorized(description="access token was not provided")
         claims: JWTClaims = verifier.verify(token)

diff --git a/packages/opal-common/opal_common/authentication/signer.py b/packages/opal-common/opal_common/authentication/signer.py
@@ -94,7 +94,7 @@ def _verify_crypto_keys(self):
             )
         elif self._private_key is None and self._public_key is None:
             # valid situation, running in dev mode and api security is off
-            self._disable("No crypto keys provided")
+            self._disable()
         else:
             raise ValueError("Invalid JWT Signer input!")
 

diff --git a/packages/opal-common/opal_common/authentication/verifier.py b/packages/opal-common/opal_common/authentication/verifier.py
@@ -63,9 +63,9 @@ def _verify_public_key(self):
                 )
             except jwt.exceptions.InvalidKeyError as e:
                 logger.error(f"Invalid public key for jwt verification, error: {e}!")
-                self._disable(f"Invalid public key: {e}")
+                self._disable()
         else:
-            self._disable("No public key provided")
+            self._disable()
 
     def get_jwk(self) -> str:
         """returns the jwk json contents."""
@@ -74,8 +74,7 @@ def get_jwk(self) -> str:
             raise ValueError(f"invalid jwt algorithm: {self._algorithm}")
         return algorithm.to_jwk(self._public_key)
 
-    def _disable(self, reason: str):
-        logger.warning(f"Disabled JWT verification due to: {reason}")
+    def _disable(self):
         self._enabled = False
 
     @property