Skip to content

Initial attempt to enable JWT auth to look at a configurable header i…#1

Open
martyn-meister wants to merge 4 commits into
masterfrom
configurable-auth-header
Open

Initial attempt to enable JWT auth to look at a configurable header i…#1
martyn-meister wants to merge 4 commits into
masterfrom
configurable-auth-header

Conversation

@martyn-meister
Copy link
Copy Markdown

@martyn-meister martyn-meister commented Oct 19, 2023

…nstead of Authorization

Description

Motivation and Context

How Has This Been Tested?

Checklist:

  • My change requires a change to the documentation or CHANGELOG.
  • I have updated the documentation/CHANGELOG accordingly.
  • I have created a feature (non-master) branch for my PR.

mgratzer
mgratzer reviewed Oct 19, 2023
View reviewed changes
Comment thread pkg/middleware/jwt_session.go Outdated
func (j *jwtSessionLoader) getJwtSession(req *http.Request) (*sessionsapi.SessionState, error) {
auth := req.Header.Get("Authorization")
authHeader := "Authorization"
if j.jwtAuthHeader == "" {
Copy link
Copy Markdown

@mgratzer mgratzer Oct 19, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we ever use the header from the config in this code (:warning: I have no Go knowledge whatsoever…)

I would assume something like this instead.

	authHeader := "Authorization"
	if j.jwtAuthHeader != nil && len(strings.TrimSpace(j.jwtAuthHeader)) > 0 {
		authHeader = j.jwtAuthHeader
	}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@mgratzer mgratzer mgratzer left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@martyn-meister @mgratzer