From 103405a0cc8b5eb790ba29b35bdd02902bf1ab90 Mon Sep 17 00:00:00 2001
From: "robin.hruska@teskalabs.com"
Date: Mon, 14 Oct 2024 17:31:17 +0200
Subject: [PATCH] get authorization from request context
---
 asab/api/discovery.py | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/asab/api/discovery.py b/asab/api/discovery.py
index c9b86046..0a37b38d 100644
--- a/asab/api/discovery.py
+++ b/asab/api/discovery.py
@@ -20,7 +20,7 @@ jwcrypto = None
 from .. import Service
-from ..contextvars import Tenant
+from ..contextvars import Tenant, Request
 L = logging.getLogger(__name__)
@@ -401,10 +401,17 @@ def session(
 ...
 """
 _headers = {}
- if isinstance(auth, aiohttp.web.Request):
- # TODO: This should be the default option. Use contextvar to access the request.
+
+ if auth is None:
+ # By default, use the authorization from the incoming request
+ request = Request.get(None)
+ if request is not None:
+ _headers["Authorization"] = request.headers.get("Authorization")
+
+ elif isinstance(auth, aiohttp.web.Request):
 assert "Authorization" in auth.headers
 _headers["Authorization"] = auth.headers.get("Authorization")
+
 elif auth == "internal":
 if jwcrypto is None:
 raise ModuleNotFoundError(
@@ -412,8 +419,7 @@ def session(
 "Please run 'pip install jwcrypto' or install asab with 'authz' optional dependency."
 )
 _headers["Authorization"] = "Bearer {}".format(self.InternalAuthToken.serialize())
- elif auth is None:
- pass
+
 else:
 raise ValueError(
 "Invalid 'auth' value. "
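Review bot: In the new `auth is None` branch of `session()`, `request.headers.get("Authorization")` returns `None` when the incoming request carries no Authorization header, so `_headers["Authorization"]` is set to `None`; the explicit-Request branch just below at least asserts that the header is present. Set the header only when a value exists: `authorization = request.headers.get("Authorization")` followed by `if authorization is not None: _headers["Authorization"] = authorization`. The change also redefines `auth=None`: it used to send no Authorization header, and now any call made inside a request context forwards the caller's credential to whatever service the session targets, with no value left in the visible branches to opt out (the third hunk removes the old `elif auth is None: pass`). The docstring should state this default, and an explicit opt-out value would let callers keep user tokens away from services that should not receive them. The body of `session()` starts and ends outside the hunk, so how `_headers` is used afterwards is not visible here.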