Leondon9 commented on code in PR #67059:
URL: https://github.com/apache/airflow/pull/67059#discussion_r3276499289
##########
airflow-core/src/airflow/api_fastapi/execution_api/security.py:
##########
@@ -124,7 +124,7 @@ async def __call__( # type: ignore[override]
try:
claims = await validator.avalidated_claims(creds.credentials,
dict(self.required_claims))
except Exception as err:
- log.warning("Failed to validate JWT", exc_info=True,
token=creds.credentials)
+ log.warning("Failed to validate JWT", exc_info=True)
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
detail=f"Invalid auth token: {err}")
Review Comment:
Thanks, that makes sense. I updated the client-facing detail to use a
generic `Invalid auth token` message and kept the detailed exception available
only through the server-side log via `exc_info=True`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
