chore: verify user header for self-signed tokens (!911) · Merge requests · GitLab.org / ModelOps / AI Assisted (formerly Applied ML) / Code Suggestions / AI Gateway · GitLab

Jan Provaznik requested to merge jp-user-header into main Jun 04, 2024

What does this merge request do and why?

chore: verify user header for self-signed tokens

When self-signed token is used, then subject contains global user id, not instance id so we need to check different header.

Closes https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/issues/449

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Merge request checklist

Tests added for new functionality. If not, please raise an issue to follow up.
Documentation added/updated, if needed.