From 344a7f2c2a29b45828f1be13cf40c3c80a651c1f Mon Sep 17 00:00:00 2001
From: Eric Wollesen <eric@tidepool.org>
Date: Fri, 7 Mar 2025 16:21:17 -0700
Subject: [PATCH] strip kc: token if present before parsing token claims

Intended to prevent egregious log entries.
---
 data/service/api/v1/datasets_data_create.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/service/api/v1/datasets_data_create.go b/data/service/api/v1/datasets_data_create.go
index 1d7b9d52f..9d8524c9c 100644
--- a/data/service/api/v1/datasets_data_create.go
+++ b/data/service/api/v1/datasets_data_create.go
@@ -144,6 +144,7 @@ func CollectProvenanceInfo(ctx context.Context, req *rest.Request, authDetails r
 	if strings.HasPrefix(strings.ToLower(token), "bearer ") {
 		token = token[len("bearer "):]
 	}
+	token, _ = strings.CutPrefix(token, "kc:")
 
 	if token != "" && shouldHaveJWT(authDetails) {
 		claims := &TokenClaims{}