chore: verify user header for self-signed tokens
What does this merge request do and why?
chore: verify user header for self-signed tokens
When self-signed token is used, then subject contains global user id, not instance id so we need to check different header.
Closes https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/issues/449
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
Merge request checklist
-
Tests added for new functionality. If not, please raise an issue to follow up. -
Documentation added/updated, if needed.