- πΊπΈUnited States devkinetic
+1 very relevant. This module currently uses custom headers, when in reality there are already standards in place for how API key auth should be setup in a request, and how the responses should be formatted.
We would like to support authentication in the JWT using Bearer schema:
Authorization: Bearer <token>
Extend the KeyAuth service to parse the header content. Here's a preliminary code borrowed from JWT module (https://git.drupalcode.org/project/jwt/-/blob/8.x-1.x/src/Authentication...)
public static function getToken(Request $request) {
$auth_headers = [];
$auth = $request->headers->get('Authorization');
if ($auth) {
$auth_headers[] = $auth;
}
// Check a second header used in combination with basic auth.
$fallback = $request->headers->get('JWT-Authorization');
if ($fallback) {
$auth_headers[] = $fallback;
}
foreach ($auth_headers as $value) {
if (preg_match('/^Bearer (.+)/', $value, $matches)) {
return $matches[1];
}
}
return FALSE;
}
Active
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
+1 very relevant. This module currently uses custom headers, when in reality there are already standards in place for how API key auth should be setup in a request, and how the responses should be formatted.