- Issue created by @amr_alsayd
- πΈπ¦Saudi Arabia abdulaziz zaid Riyadh
Thanks, @amr_alsayd.
The patch is working for me. Thanks for that.
I hope this change gets approved.
- πΊπΈUnited States pwolanin
This patch would break all existing sites, so it is not acceptable.
Clearly we already support the
'JWT-Authorization'header.Since Oauth2 may be using a JWT as the token, I'm not sure there is an easy way to make these compatible.
A partial fix could be to change the method
\Drupal\jwt\Authentication\Provider\JwtAuth::getJwtFromRequest()and make the regex more specific to the pattern of a JWT so it would ignore some other kind of token being used by OAuth2 - πΊπΈUnited States pwolanin
Something like this - passes a quick check, and maybe the minimum size of each segment should be larger.
- πΊπΈUnited States pwolanin
Is this the module that you see conflicting? https://www.drupal.org/project/simple_oauth β
A further approach could be a setting in settings.php to change the default header (or default and fallback headers) that would come via
\Drupal\Core\Site\Settingswhich we are already injecting into this class - πΊπΈUnited States pwolanin
This seems more-or-less duplicate to this bug reported several years ago:
#3189827: Access denied with bearer token on oauth/debug when Jwt is installed β