Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mutliple values in quarkus.oidc.token.header #29390

Closed
thatjasonbourne opened this issue Nov 21, 2022 · 2 comments
Closed

mutliple values in quarkus.oidc.token.header #29390

thatjasonbourne opened this issue Nov 21, 2022 · 2 comments
Labels
area/oidc kind/enhancement New feature or request

Comments

@thatjasonbourne
Copy link

Description

I am using io.quarkus:quarkus-websockets and would like to authorize the handshake request. Since the JavaScript WebSocket API doesn't allow the Authorization header to be sent, I'd like to use the Sec-WebSocket-Protocol header for this, and it works fine when I set quarkus.oidc.token.header=Sec-WebSocket-Protocol (quarkus.oidc.token.header is used in BearerAuthenticationMechanism), but unfortunately I have to use that header in the rest of the app as well. It would be great if I could specify two headers like this: quarkus.oidc.token.header=Authorization,Sec-WebSocket-Protocol

Implementation ideas

BearerAuthenticationMechanism {
        ...
        private String extractBearerToken(RoutingContext context, OidcTenantConfig oidcConfig) {
                final HttpServerRequest request = context.request();

                List<String> headers = oidcConfig.token.header
                        .orElseGet(() -> Collections.singletonList(HttpHeaders.AUTHORIZATION.toString()));

                final String headerValue = headers.stream().map(header -> request.headers().get(header))
                        .filter(Objects::nonNull).findAny().orElse(null);

                ...
        }
        ...
}
@thatjasonbourne thatjasonbourne added the kind/enhancement New feature or request label Nov 21, 2022
@quarkus-bot
Copy link

quarkus-bot bot commented Nov 21, 2022

/cc @pedroigor, @sberyozkin

@sberyozkin
Copy link
Member

@thatjasonbourne Please see #29919 for the way to make it work

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/oidc kind/enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sberyozkin @thatjasonbourne