parent
ed83c27f0e
commit
48b2a5c37c
@ -5,7 +5,6 @@ import (
|
||||
"strings"
|
||||
|
||||
"github.com/micro/go-micro/v2/auth"
|
||||
"github.com/micro/go-micro/v2/metadata"
|
||||
)
|
||||
|
||||
// CombinedAuthHandler wraps a server and authenticates requests
|
||||
@ -42,15 +41,16 @@ func (h authHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
||||
}
|
||||
|
||||
var token string
|
||||
if header, ok := metadata.Get(req.Context(), "Authorization"); ok {
|
||||
if header := req.Header.Get("Authorization"); len(header) > 0 {
|
||||
// Extract the auth token from the request
|
||||
if strings.HasPrefix(header, BearerScheme) {
|
||||
token = header[len(BearerScheme):]
|
||||
}
|
||||
} else {
|
||||
// Get the token out the cookies if not provided in headers
|
||||
if c, err := req.Cookie(auth.CookieName); err != nil && c != nil {
|
||||
token = c.Value
|
||||
if c, err := req.Cookie("micro-token"); err == nil && c != nil {
|
||||
token = strings.TrimPrefix(c.Value, auth.CookieName+"=")
|
||||
req.Header.Set("Authorization", BearerScheme+token)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -38,6 +38,7 @@ func SetHeaders(w http.ResponseWriter, r *http.Request) {
|
||||
set(w, "Access-Control-Allow-Origin", "*")
|
||||
}
|
||||
|
||||
set(w, "Access-Control-Allow-Credentials", "true")
|
||||
set(w, "Access-Control-Allow-Methods", "POST, PATCH, GET, OPTIONS, PUT, DELETE")
|
||||
set(w, "Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
|
||||
}
|
||||
|
@ -123,7 +123,7 @@ func (g *grpcClient) call(ctx context.Context, node *registry.Node, req client.R
|
||||
if md, ok := metadata.FromContext(ctx); ok {
|
||||
header = make(map[string]string, len(md))
|
||||
for k, v := range md {
|
||||
header[k] = v
|
||||
header[strings.ToLower(k)] = v
|
||||
}
|
||||
} else {
|
||||
header = make(map[string]string)
|
||||
@ -133,9 +133,12 @@ func (g *grpcClient) call(ctx context.Context, node *registry.Node, req client.R
|
||||
header["timeout"] = fmt.Sprintf("%d", opts.RequestTimeout)
|
||||
// set the content type for the request
|
||||
header["x-content-type"] = req.ContentType()
|
||||
|
||||
// set the authorization token if one is saved locally
|
||||
if token, err := config.Get("token"); err == nil && len(token) > 0 {
|
||||
header["authorization"] = BearerScheme + token
|
||||
if len(header["authorization"]) == 0 {
|
||||
if token, err := config.Get("token"); err == nil && len(token) > 0 {
|
||||
header["authorization"] = BearerScheme + token
|
||||
}
|
||||
}
|
||||
|
||||
md := gmetadata.New(header)
|
||||
|
Loading…
x
Reference in New Issue
Block a user