From b200e9c3763757ac3062d4d2043fa6d87d4837e6 Mon Sep 17 00:00:00 2001
From: Diana Gudu <diana.gudu@kit.edu>
Date: Wed, 17 Aug 2022 18:34:14 +0200
Subject: [PATCH 1/2] handle non-conforming entitlements in entitlement claim

---
 flaat/requirements.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/flaat/requirements.py b/flaat/requirements.py
index b130af8..8fd3bfa 100644
--- a/flaat/requirements.py
+++ b/flaat/requirements.py
@@ -319,7 +319,7 @@ def _parse(self, raw: str):
     def _matches(
         self, required: aarc_entitlement.Base, available: aarc_entitlement.Base
     ) -> bool:
-        return available.satisfies(required)
+        return available is not None and available.satisfies(required)
 
 
 def _get_claim_requirement(

From ae001b8af64917071ad4152ad2a4e3d8fac7014b Mon Sep 17 00:00:00 2001
From: Diana Gudu <diana.gudu@kit.edu>
Date: Wed, 17 Aug 2022 18:56:08 +0200
Subject: [PATCH 2/2] fix pyright fail

---
 flaat/access_tokens.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/flaat/access_tokens.py b/flaat/access_tokens.py
index 6c416ee..dd2d1c3 100644
--- a/flaat/access_tokens.py
+++ b/flaat/access_tokens.py
@@ -45,7 +45,7 @@ class AccessTokenInfo:
     """ Infos about the verification of the JWT.
     If set to `None`, then the JWT data is unverified."""
 
-    def __init__(self, complete_decode, verification=Optional[dict]):
+    def __init__(self, complete_decode, verification):
         self.header = complete_decode.get("header", {})
         self.body = complete_decode.get("payload", {})
         self.signature = _base64_url_encode(complete_decode.get("signature", b""))