mirror of
https://github.com/googleapis/genai-toolbox.git
synced 2026-02-06 05:04:58 -05:00
4639cc6560
Currently, we are throwing 401 error immediately after auth token verification failure. This is not expected in the following situations: 1. Non-auth tool invocation with auth token that is invalid. 2. Auth tool invocation with all the required auth token, but the header contains extra non-required token that is invalid These requests should pass the authorization check but fail under the current implementation. Change made in this PR: 1. Do not throw error immediately after auth token verification failure. Instead only log it and continue to the next header iteration. 2. In the parseParams() method, if an auth parameter is missing, we should error with the message telling the user that either the auth header is missing or is invalid.