Provide a default url for each environment to download and verify the certificate associated with a token
Opened this issue · 0 comments
Kerruba commented
Would be nice to have a set of constants, one for each AAP environment, with the public certificate url and a corresponding SHA that we can use by default to verify the provided token received from AAP.
This could be used inside the decode_token function as a default