From 0393a6e0c8629efe71c1d3e9cbb7af8c91efbe29 Mon Sep 17 00:00:00 2001
From: Paul Flynn <paul@arkavo.com>
Date: Sun, 28 Apr 2024 14:53:56 -0400
Subject: [PATCH] feat(service): no verify

---
 service/kas/access/rewrap.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/service/kas/access/rewrap.go b/service/kas/access/rewrap.go
index 0454d59f3..98f8dc49c 100644
--- a/service/kas/access/rewrap.go
+++ b/service/kas/access/rewrap.go
@@ -76,7 +76,7 @@ func generateHMACDigest(ctx context.Context, msg, key []byte) ([]byte, error) {
 func verifySignedRequestToken(ctx context.Context, in *kaspb.RewrapRequest) (*RequestBody, error) {
 	var token jwt.Token
 	var err error
-	token, err = jwt.Parse([]byte(in.GetSignedRequestToken()), jwt.WithValidate(false))
+	token, err = jwt.Parse([]byte(in.GetSignedRequestToken()), jwt.WithValidate(false), jwt.WithVerify(false))
 	if err != nil {
 		slog.WarnContext(ctx, "unable to verify parse token", "err", err)
 		return nil, err401("could not parse token")