feat(auth): add defensive code for missing token build_image

PrivateAIM · Oct 17, 2024 · aee09a3 · aee09a3
1 parent 71f3030
commit aee09a3
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/hub_adapter/auth.py b/hub_adapter/auth.py
@@ -69,6 +69,13 @@ async def get_hub_public_key() -> dict:
 
 async def verify_idp_token(token: str = Security(idp_oauth2_scheme)) -> dict:
     """Decode the auth token using keycloak's public key."""
+    if not token:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=str("Missing or invalid token"),
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
     try:
         return jwt.decode(
             token,