lmccay commented on code in PR #1005:
URL: https://github.com/apache/knox/pull/1005#discussion_r2001296584
##########
gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java:
##########
@@ -279,7 +279,14 @@ public Pair<TokenType, String> getWireToken(final
ServletRequest request) throws
// what follows the bearer designator should be the JWT token
being used
// to request or as an access token
token = header.substring(BEARER.length());
- parsed = Pair.of(TokenType.JWT, token);
+
+ // if this appears to be a JWT token then attempt to use it as
such
+ // otherwise assume it is a passcode token
+ if (isJWT(token)) {
Review Comment:
hmmm, I don't really follow. getWireToken already returns Pair<TokenType,
String> which is essentially the same thing, no? Are you suggesting that we
refactor that to push it through the JWTToken ctor and catch an exception on
every passcode use? Throwing exceptions for flow control is generally a poor
practice for performance and design reasons. The current implementation only
throws exceptions in exceptional conditions. Are you suggesting something other
than my assumptions here?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
