Skip to content
This repository was archived by the owner on Aug 29, 2018. It is now read-only.

Add support for 'Bearer token' style header #5

Closed
ekryski opened this issue Dec 6, 2016 · 2 comments
Closed

Add support for 'Bearer token' style header #5

ekryski opened this issue Dec 6, 2016 · 2 comments

Comments

@ekryski
Copy link
Member

ekryski commented Dec 6, 2016

It should also probably be the first priority. It's as simple as changing these lines to these:

jwtFromRequest: ExtractJwt.fromExtractors([
    ExtractJwt.fromAuthHeader()
    ExtractJwt.fromHeader(jwtSettings.header.toLowerCase()),
    ExtractJwt.fromBodyField(jwtSettings.bodyKey)
])

and writing a quick test.
@ekryski ekryski mentioned this issue Dec 6, 2016
Closed
@timelesshaze
Copy link
Contributor

Fixed by #6

The method fromAuthHeader only checks headers in the form of "Authorization: JWT {token}".
Maybe this should be added anyway, but most implementations prefer Bearer.

This checks for Bearer in a case-sensitive manner, but that should be fine according to RFC6750.

@ekryski
Copy link
Member Author

ekryski commented Dec 14, 2016

Fixed by #6

@ekryski ekryski closed this as completed Dec 14, 2016
@daffl daffl mentioned this issue Dec 31, 2016
Closed
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ekryski @timelesshaze