Commit

HTTP_AUTHORIZATION vs Authorization
gkostin1966 committed May 3, 2024
1 parent 12dd899 commit 9a4383b
Showing 1 changed file with 16 additions and 9 deletions.
25 changes: 16 additions & 9 deletions lauth/app/actions/authorize.rb
Expand Up @@ -4,17 +4,24 @@ class Authorize < Lauth::Action
def handle(request, response)
response.format = :json

if request.has_header?("HTTP_AUTHORIZATION") && request.get_header("HTTP_AUTHORIZATION") == "Bearer " + App.app["settings"].bearer_token
result = Lauth::Ops::Authorize.new(
request: Lauth::Access::Request.new(
user: request.params[:user],
uri: request.params[:uri],
client_ip: request.params[:ip]
)
).call
if request.has_header?("Authorization")
if request.get_header("Authorization") == "Bearer " + App.app["settings"].bearer_token
result = Lauth::Ops::Authorize.new(
request: Lauth::Access::Request.new(
user: request.params[:user],
uri: request.params[:uri],
client_ip: request.params[:ip]
)
).call

response.body = result.to_h.to_json
response.body = result.to_h.to_json
else
App.app["logger"].error("Request HTTP authorization failed.")
response.status = 401 # Unauthorized
response.body = Lauth::Access::Request.new.to_h.to_json
end
else
App.app["logger"].error("Request missing HTTP authorization header.")
response.status = 401 # Unauthorized
response.body = Lauth::Access::Request.new.to_h.to_json
end
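Review bot: the token check `request.get_header("Authorization") == "Bearer " + App.app["settings"].bearer_token` compares the secret with `==`, which is not a constant-time comparison, so response timing can reveal how much of the supplied value matched; use `Rack::Utils.secure_compare` (or an equivalent fixed-time compare) for this check. Please also confirm the header key: Rack-style request objects answer `has_header?` and `get_header` from the env, where a client's Authorization header is stored as `HTTP_AUTHORIZATION`, so if `request` is one of those, looking up `"Authorization"` sends every real client to the "missing HTTP authorization header" branch. A test that sends the header through the HTTP stack, rather than setting the key on the request directly, would settle it. Finally, if `bearer_token` can be unset or empty, `"Bearer " + nil` raises and an empty value makes a bare `Bearer ` prefix a valid credential, so the setting is worth validating at boot.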