1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-23 17:07:42 +01:00

Accept "Content-Language" header for JWT token

This commit is contained in:
Kyle Spearrin 2017-09-14 10:11:48 -04:00
parent 27216efd1f
commit 16e5ba5a76

View File

@ -11,14 +11,24 @@ namespace Bit.Api.Utilities
{
return (request) =>
{
string authorization = request.Headers["Authorization"].FirstOrDefault();
var authorization = request.Headers["Authorization"].FirstOrDefault();
if(string.IsNullOrWhiteSpace(authorization))
{
return request.Query[qsName].FirstOrDefault();
// Bearer token could exist in the 'Content-Language' header on clients that want to avoid pre-flights.
var languageAuth = request.Headers["Content-Language"].FirstOrDefault();
if(string.IsNullOrWhiteSpace(languageAuth) ||
!languageAuth.StartsWith($"{headerScheme} ", StringComparison.OrdinalIgnoreCase))
{
return request.Query[qsName].FirstOrDefault();
}
else
{
authorization = languageAuth.Split(',')[0];
}
}
if(authorization.StartsWith(headerScheme + " ", StringComparison.OrdinalIgnoreCase))
if(authorization.StartsWith($"{headerScheme} ", StringComparison.OrdinalIgnoreCase))
{
return authorization.Substring(headerScheme.Length + 1).Trim();
}