support Bearer3 still

2025-04-11 08:08:14 -05:00 · 2017-10-17 08:54:49 -04:00 · 2017-10-17 08:54:49 -04:00 · a63ad7772e
commit a63ad7772e
parent 38106840b9
2 changed files with 10 additions and 7 deletions
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@ -84,7 +84,8 @@ namespace Bit.Api
                    options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
                        globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
                    options.NameClaimType = ClaimTypes.Email;
-                    options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString("Bearer", "access_token");
+                    options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString(
+                        new string[] { "Bearer", "Bearer3" });
                    options.SupportedTokens = SupportedTokens.Jwt;
                });

--- a/src/Api/Utilities/TokenRetrieval.cs
+++ b/src/Api/Utilities/TokenRetrieval.cs
@ -6,8 +6,7 @@ namespace Bit.Api.Utilities
 {
    public static class TokenRetrieval
    {
-        public static Func<HttpRequest, string> FromAuthorizationHeaderOrQueryString(string headerScheme = "Bearer",
-            string qsName = "access_token")
+        public static Func<HttpRequest, string> FromAuthorizationHeaderOrQueryString(string[] authHeaderSchemes)
        {
            return (request) =>
            {
@ -18,9 +17,9 @@ namespace Bit.Api.Utilities
                    // Bearer token could exist in the 'Content-Language' header on clients that want to avoid pre-flights.
                    var languageAuth = request.Headers["Content-Language"].FirstOrDefault();
                    if(string.IsNullOrWhiteSpace(languageAuth) ||
-                        !languageAuth.StartsWith($"{headerScheme} ", StringComparison.OrdinalIgnoreCase))
+                        !languageAuth.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
                    {
-                        return request.Query[qsName].FirstOrDefault();
+                        return request.Query["access_token"].FirstOrDefault();
                    }
                    else
                    {
@ -28,9 +27,12 @@ namespace Bit.Api.Utilities
                    }
                }

-                if(authorization.StartsWith($"{headerScheme} ", StringComparison.OrdinalIgnoreCase))
+                foreach(var headerScheme in authHeaderSchemes)
                {
-                    return authorization.Substring(headerScheme.Length + 1).Trim();
+                    if(authorization.StartsWith($"{headerScheme} ", StringComparison.OrdinalIgnoreCase))
+                    {
+                        return authorization.Substring(headerScheme.Length + 1).Trim();
+                    }
                }

                return null;