Remove duplicated constants in oidc.py (#1162)

sigstore · Oct 7, 2024 · b195914 · b195914
1 parent f2e179d
commit b195914
Showing 1 changed file with 1 addition and 11 deletions.
diff --git a/sigstore/oidc.py b/sigstore/oidc.py
@@ -59,16 +59,6 @@ class _OpenIDConfiguration(BaseModel):
     token_endpoint: StrictStr
 
 
-# See: https://github.com/sigstore/fulcio/blob/b2186c0/pkg/config/config.go#L182-L201
-_KNOWN_OIDC_ISSUERS = {
-    "https://accounts.google.com": "email",
-    "https://oauth2.sigstore.dev/auth": "email",
-    "https://oauth2.sigstage.dev/auth": "email",
-    "https://token.actions.githubusercontent.com": "sub",
-}
-DEFAULT_AUDIENCE = "sigstore"
-
-
 class ExpiredIdentity(Exception):
     """An error raised when an identity token is expired."""
 
@@ -103,7 +93,7 @@ def __init__(self, raw_token: str) -> None:
                     # See: https://openid.net/specs/openid-connect-basic-1_0.html#IDToken
                     "require": ["aud", "sub", "iat", "exp", "iss"],
                 },
-                audience=DEFAULT_AUDIENCE,
+                audience=_DEFAULT_AUDIENCE,
                 # NOTE: This leeway shouldn't be strictly necessary, but is
                 # included to preempt any (small) skew between the host
                 # and the originating IdP.