Thanks Jacques for detail,
but I think name is not always Authorisation in code we are having lots of
request.getHeader usage and its breaks their usage.
I'll confirm and reply here (just for reference.)
Need to backport this to 17.12 as well.
Thanks & Regards
--
Deepak Dixit
www.hotwaxsystems.com
www.hotwax.co
On Tue, Jan 16, 2018 at 3:26 PM, Jacques Le Roux <
jacques.le.r...@les7arts.com> wrote:
> Le 16/01/2018 à 09:53, Deepak Dixit a écrit :
>
>> + return super.getHeader("Authorisation");
>>>
>>> I think this should be
>>
>> return super.getHeader(name);
>>
> Thanks Deepak,
>
> Actually let me explain the context here (maybe not for you but at large)
> In the case of ExternalLoginKeysManager, it's always "Authorisation". It's
> explained there
> https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization
> https://en.wikipedia.org/wiki/Basic_access_authentication
> And it's the only usage of the wrapper so far.
>
> Note that in the case of JWT token used in OAuth 2 you normally need to
> use a bearer token
> https://www.google.fr/search?q=http+authorization+header+bearer&ie=UTF-8
> But in the case I committed it was not necessary (it's not OAuth 2, just a
> JWT token) and I must say I got issue trying to encode things with it
>
> Anyway you are right, why not using name there, it will not change things,
> and the wrapper idea could be then reused/refactored when adding other
> related features, will do :)
>
> Jacques
>
>
