Reduce warning logs in OIDC middleware

If the request does not have bearer token in the header, do not decode the empty string. Fixes #12261 Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2025-01-22 23:51:27 +01:00 · 2021-01-28 18:08:28 +08:00 · 2021-01-28 18:08:28 +08:00 · 2dd499bacf
commit 2dd499bacf
parent 9574f8c3c6
2 changed files with 6 additions and 2 deletions
--- a/src/server/middleware/security/idtoken.go
+++ b/src/server/middleware/security/idtoken.go
@ -40,6 +40,9 @@ func (i *idToken) Generate(req *http.Request) security.Context {
 		return nil
 	}
 	token := bearerToken(req)
+	if len(token) == 0 {
+		return nil
+	}
 	claims, err := oidc.VerifyToken(ctx, token)
 	if err != nil {
 		log.Warningf("failed to verify token: %v", err)
--- a/src/server/middleware/security/idtoken_test.go
+++ b/src/server/middleware/security/idtoken_test.go
@ -15,12 +15,13 @@
 package security

 import (
+	"net/http"
+	"testing"
+
 	"github.com/goharbor/harbor/src/common"
 	"github.com/goharbor/harbor/src/lib"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"net/http"
-	"testing"
 )

 func TestIDToken(t *testing.T) {