From f03b88742dc6a244da36ddee0ff11a015bbceb97 Mon Sep 17 00:00:00 2001
From: Rudyard Richter <rudyardrichter@uchicago.edu>
Date: Wed, 2 May 2018 17:58:22 -0500
Subject: [PATCH] fix(validate): fix issuers check in require auth

---
 authutils/token/validate.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/authutils/token/validate.py b/authutils/token/validate.py
index 3a4d244..918f33d 100644
--- a/authutils/token/validate.py
+++ b/authutils/token/validate.py
@@ -163,11 +163,10 @@ def validate_jwt(
     """
     if not issuers:
         issuers = []
-        issuers.append(
-            flask.current_app.config.get('OIDC_ISSUER')
-            or flask.current_app.config.get('USER_API')
-            or flask.current_app.config.get('BASE_URL')
-        )
+        for config_var in ['OIDC_ISSUER', 'USER_API', 'BASE_URL']:
+            value = flask.current_app.config.get(config_var)
+            if value:
+                issuers.append(value)
     if public_key is None:
         public_key = get_public_key_for_token(
             encoded_token,