Compare commits
1 Commits
aa4fdc5e1b
...
bcd6c8dccf
| Author | SHA1 | Date | |
|---|---|---|---|
|
bcd6c8dccf
|
@@ -179,7 +179,8 @@ public class AuthController {
|
||||
RequestMethod.PUT, RequestMethod.DELETE,
|
||||
RequestMethod.PATCH})
|
||||
public Mono<ResponseEntity<?>> forwardAuth(
|
||||
@RequestHeader(HttpHeaders.AUTHORIZATION) String authorizationHeader,
|
||||
@RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false)
|
||||
String authorizationHeader,
|
||||
@RequestHeader(HEADER_X_FORWARDED_METHOD) String originalMethod,
|
||||
@RequestHeader(HEADER_X_FORWARDED_URI) String originalUriString
|
||||
) {
|
||||
@@ -199,6 +200,9 @@ public class AuthController {
|
||||
if (shouldPassThrough(targetServiceClientId, serviceRelativePath)) {
|
||||
return Mono.just(ResponseEntity.status(HttpStatus.NO_CONTENT).build());
|
||||
}
|
||||
if (authorizationHeader == null) {
|
||||
return Mono.just(ResponseEntity.status(HttpStatus.BAD_REQUEST).build());
|
||||
}
|
||||
// no pass-through, check permission
|
||||
final var accessToken = extractBearerToken(authorizationHeader);
|
||||
if (accessToken == null) {
|
||||
|
||||
Reference in New Issue
Block a user