alitheg commented on issue #504: URL: https://github.com/apache/tooling-trusted-releases/issues/504#issuecomment-3745123851
From the initial discussion - both of the auth types in question are JWTs - I wonder if one option would be to update `jwtoken._extract_bearer_token` to support pulling from the auth header or the body, then `require` to decode either github or ATR depending? Alternatively we could add params to the `require` decorator to allow it to support github ones and process separately. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
