From d5fd5a2a0747cdd7e788772fdecff903cdaedfd2 Mon Sep 17 00:00:00 2001
From: Eric Wollesen <eric@tidepool.org>
Date: Thu, 30 Jan 2025 15:08:42 -0700
Subject: [PATCH] allow an access token without a user id to authenticate as a
 service

"MethodAccessToken" is a valid way for a service to authenticate, and
could happen for example, when someone uses a oauth library to perform
authentication, rather than using the internal platform client.
---
 request/request.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/request/request.go b/request/request.go
index 1e49aa2cb9..002e45ace6 100644
--- a/request/request.go
+++ b/request/request.go
@@ -89,7 +89,9 @@ func (d *authDetails) Method() Method {
 }
 
 func (d *authDetails) IsService() bool {
-	return d.method == MethodServiceSecret || (d.method == MethodSessionToken && d.userID == "")
+	return d.method == MethodServiceSecret ||
+		(d.method == MethodSessionToken && d.userID == "") ||
+		(d.method == MethodAccessToken && d.userID == "")
 }
 
 func (d *authDetails) IsUser() bool {