From 434b9255b74ab6a396357eb64c079069d8e45102 Mon Sep 17 00:00:00 2001
From: Mevan
Date: Fri, 4 Oct 2024 13:23:44 +0530
Subject: [PATCH] Improve x-forwarded-authorization header setting logic
---
 .../connect/enforcer/security/jwt/JWTAuthenticator.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java b/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java
index ea467e6ee7..6682c40f74 100644
--- a/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java
+++ b/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java
@@ -818,6 +818,7 @@ private String exchangeJWTForPAT(RequestContext requestContext, String pat) thro
 if (log.isDebugEnabled()) {
 log.debug("Token retrieved from the cache. Token: " + FilterUtils.getMaskedToken(pat));
 }
+ setXForwardedAuthorizationHeader(requestContext, (String) cachedJWT);
 return (String) cachedJWT;
 }
 Optional jwt = APIKeyUtils.exchangePATToJWT(keyHash);
@@ -828,10 +829,14 @@ private String exchangeJWTForPAT(RequestContext requestContext, String pat) thro
 }
 CacheProvider.getGatewayAPIKeyJWTCache().put(keyHash, jwt.get());
 // Add jwt to x-forwarded-authorization header.
- requestContext.addOrModifyHeaders("x-forwarded-authorization", jwt.get());
+ setXForwardedAuthorizationHeader(requestContext, jwt.get());
 return jwt.get();
 }

+ private void setXForwardedAuthorizationHeader(RequestContext requestContext, String jwt) {
+ requestContext.addOrModifyHeaders("x-forwarded-authorization", String.format("Bearer %s", jwt));
+ }
+
 public String extractJWTInWSProtocolHeader(RequestContext requestContext) {
 String protocolHeader = requestContext.getHeaders().get(
 HttpConstants.WEBSOCKET_PROTOCOL_HEADER);
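Review bot: On the cache-hit branch, the added `setXForwardedAuthorizationHeader(requestContext, (String) cachedJWT);` forwards whatever JWT the cache holds, and nothing visible in this hunk checks that the token is still inside its `exp` window or that the PAT behind `keyHash` is still valid. In the visible lines this branch previously returned without setting the header, so if the cache entry lifetime is not already bounded by the JWT lifetime (not shown here), an expired token would now reach the backend. Consider stating the invariant next to the call, e.g. `// cached JWT is forwarded as-is; cache TTL must stay below the JWT lifetime`, or checking expiry before reuse. The enclosing `exchangeJWTForPAT` starts and ends outside this hunk.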
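Review bot: The new helper `setXForwardedAuthorizationHeader` changes what backends receive in `x-forwarded-authorization` from the bare JWT to `Bearer <jwt>`, and neither the method nor the retained comment `// Add jwt to x-forwarded-authorization header.` says so. A short Javadoc would help, stating that the method replaces any existing value of that header (as the name `addOrModifyHeaders` suggests, including one supplied by the client) with the gateway-issued token in Bearer form. The header name is a bare string literal; a constant such as `private static final String X_FORWARDED_AUTHORIZATION = "x-forwarded-authorization";` keeps this writer in agreement with any code that reads or strips the header. Plain concatenation `"Bearer " + jwt` would do the same job as `String.format` here.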