Skip to content

Commit

Permalink
fix: allow authenticating with query string in asset preview url
Browse files Browse the repository at this point in the history
  • Loading branch information
@mohsenk
mohsenk committed Sep 21, 2024
1 parent f23a7c3 commit 84e28f4
Showing 1 changed file with 11 additions and 2 deletions.
13 changes: 11 additions & 2 deletions src/main/java/app/teamwize/api/auth/interceptor/JwtAuthorizationFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,9 +26,11 @@ public class JwtAuthorizationFilter extends OncePerRequestFilter {
private final AuthenticationService detailsService;
private final TokenService tokenService;

private String jwtHeaderName = "Authorization";
private final String jwtHeaderName = "Authorization";

private String apiKeyHeaderName = "API-Key";
private final String apiKeyHeaderName = "API-Key";

private final String tokenQueryStringName = "token";


@Override
Expand Down Expand Up @@ -60,7 +62,14 @@ private boolean apiKeyHeaderExist(HttpServletRequest request) {
return StringUtils.hasText(request.getHeader(apiKeyHeaderName));
}

private boolean tokenQueryParamExist(HttpServletRequest request) {
return StringUtils.hasText(request.getParameter(tokenQueryStringName));
}

private String getJwtToken(HttpServletRequest request) {
if (tokenQueryParamExist(request)) {
return request.getParameter(tokenQueryStringName);
}
return tokenService.getJwtFromRequest(request.getHeader(jwtHeaderName));
}

Expand Down

0 comments on commit 84e28f4

Please sign in to comment.