parent
ed83c27f0e
commit
48b2a5c37c
@ -5,7 +5,6 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/micro/go-micro/v2/auth"
|
"github.com/micro/go-micro/v2/auth"
|
||||||
"github.com/micro/go-micro/v2/metadata"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// CombinedAuthHandler wraps a server and authenticates requests
|
// CombinedAuthHandler wraps a server and authenticates requests
|
||||||
@ -42,15 +41,16 @@ func (h authHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var token string
|
var token string
|
||||||
if header, ok := metadata.Get(req.Context(), "Authorization"); ok {
|
if header := req.Header.Get("Authorization"); len(header) > 0 {
|
||||||
// Extract the auth token from the request
|
// Extract the auth token from the request
|
||||||
if strings.HasPrefix(header, BearerScheme) {
|
if strings.HasPrefix(header, BearerScheme) {
|
||||||
token = header[len(BearerScheme):]
|
token = header[len(BearerScheme):]
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// Get the token out the cookies if not provided in headers
|
// Get the token out the cookies if not provided in headers
|
||||||
if c, err := req.Cookie(auth.CookieName); err != nil && c != nil {
|
if c, err := req.Cookie("micro-token"); err == nil && c != nil {
|
||||||
token = c.Value
|
token = strings.TrimPrefix(c.Value, auth.CookieName+"=")
|
||||||
|
req.Header.Set("Authorization", BearerScheme+token)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -38,6 +38,7 @@ func SetHeaders(w http.ResponseWriter, r *http.Request) {
|
|||||||
set(w, "Access-Control-Allow-Origin", "*")
|
set(w, "Access-Control-Allow-Origin", "*")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
set(w, "Access-Control-Allow-Credentials", "true")
|
||||||
set(w, "Access-Control-Allow-Methods", "POST, PATCH, GET, OPTIONS, PUT, DELETE")
|
set(w, "Access-Control-Allow-Methods", "POST, PATCH, GET, OPTIONS, PUT, DELETE")
|
||||||
set(w, "Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
|
set(w, "Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
|
||||||
}
|
}
|
||||||
|
@ -123,7 +123,7 @@ func (g *grpcClient) call(ctx context.Context, node *registry.Node, req client.R
|
|||||||
if md, ok := metadata.FromContext(ctx); ok {
|
if md, ok := metadata.FromContext(ctx); ok {
|
||||||
header = make(map[string]string, len(md))
|
header = make(map[string]string, len(md))
|
||||||
for k, v := range md {
|
for k, v := range md {
|
||||||
header[k] = v
|
header[strings.ToLower(k)] = v
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
header = make(map[string]string)
|
header = make(map[string]string)
|
||||||
@ -133,9 +133,12 @@ func (g *grpcClient) call(ctx context.Context, node *registry.Node, req client.R
|
|||||||
header["timeout"] = fmt.Sprintf("%d", opts.RequestTimeout)
|
header["timeout"] = fmt.Sprintf("%d", opts.RequestTimeout)
|
||||||
// set the content type for the request
|
// set the content type for the request
|
||||||
header["x-content-type"] = req.ContentType()
|
header["x-content-type"] = req.ContentType()
|
||||||
|
|
||||||
// set the authorization token if one is saved locally
|
// set the authorization token if one is saved locally
|
||||||
if token, err := config.Get("token"); err == nil && len(token) > 0 {
|
if len(header["authorization"]) == 0 {
|
||||||
header["authorization"] = BearerScheme + token
|
if token, err := config.Get("token"); err == nil && len(token) > 0 {
|
||||||
|
header["authorization"] = BearerScheme + token
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
md := gmetadata.New(header)
|
md := gmetadata.New(header)
|
||||||
|
Loading…
Reference in New Issue
Block a user