From e38018847df3f95a05ff4a805633a7c0d5c4b70b Mon Sep 17 00:00:00 2001
From: chaosinthecrd <tom@tmlabs.co.uk>
Date: Wed, 29 Nov 2023 11:26:51 +0000
Subject: [PATCH] updated function and description

---
 signer/fulcio/fulcio.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/signer/fulcio/fulcio.go b/signer/fulcio/fulcio.go
index d85a632c..f0cd93cb 100644
--- a/signer/fulcio/fulcio.go
+++ b/signer/fulcio/fulcio.go
@@ -408,12 +408,12 @@ func newClient(ctx context.Context, fulcioURL string, fulcioPort int, isInsecure
 	return fulciopb.NewCAClient(conn), nil
 }
 
-// idToken allows users to either pass in an identity token directly
-// or a path to an identity token via the --identity-token flag
+// idToken tries to parse a string as a token in JWS form. If it fails,
+// it treats the string as a path and tries to open the file at that path
 func idToken(s string) (string, error) {
-	// If this is a valid raw token or is empty, just return it
+	// If this is a valid raw token, just return it
 	// NOTE: could be replaced with https://pkg.go.dev/go.step.sm/crypto/jose in future if features helpful
-	if _, err := jwt.ParseSigned(s); err == nil || s == "" {
+	if _, err := jwt.ParseSigned(s); err == nil {
 		return s, nil
 	}