fix:Multiple bypass keys (#2668)

keep/identitymanager/authverifierbase.py

@@ -83,9 +83,10 @@ def __init__(self, scopes: list[str] = []) -> None:
         self.key_last_used_updates = {}
         # check if read only instance
         self.read_only = config("KEEP_READ_ONLY", default="false") == "true"
-        self.read_only_bypass_key = config("KEEP_READ_ONLY_BYPASS_KEY", default="")
+        self.read_only_bypass_keys = config("KEEP_READ_ONLY_BYPASS_KEY", default="")
+        self.read_only_bypass_keys = self.read_only_bypass_keys.split(",")
         # if read_only is enabled, read_only_bypass_key must be set
-        if self.read_only and not self.read_only_bypass_key:
+        if self.read_only and not self.read_only_bypass_keys:
             raise ValueError(
                 "KEEP_READ_ONLY_BYPASS_KEY must be set if KEEP_READ_ONLY is enabled"
             )
@@ -113,7 +114,7 @@ def __call__(
             HTTPException: If authentication or authorization fails.
         """
         self.logger.debug("Starting authentication process")
-        if self.read_only and api_key != self.read_only_bypass_key:
+        if self.read_only and api_key not in self.read_only_bypass_keys:
             # check if the scopes have scopes other than only read
             if any([scope.split(":")[0] != "read" for scope in self.scopes]):
                 self.logger.error("Read only instance, but non-read scopes requested")