Mercurial > hg > orthanc-authorization
comparison Plugin/AuthorizationWebService.cpp @ 154:ae1bd3d15f81
add GET argument tokens as HTTP headers in the query to the auth-service
author | Alain Mazy <am@osimis.io> |
---|---|
date | Mon, 18 Mar 2024 14:52:33 +0100 |
parents | 9be1ee2b8fe1 |
children | c4b908970ae4 |
comparison
equal
deleted
inserted
replaced
153:3683f3d083bd | 154:ae1bd3d15f81 |
---|---|
114 authClient.SetMethod(Orthanc::HttpMethod_Post); | 114 authClient.SetMethod(Orthanc::HttpMethod_Post); |
115 authClient.AddHeader("Content-Type", "application/json"); | 115 authClient.AddHeader("Content-Type", "application/json"); |
116 authClient.AddHeader("Expect", ""); | 116 authClient.AddHeader("Expect", ""); |
117 authClient.SetTimeout(10); | 117 authClient.SetTimeout(10); |
118 | 118 |
119 if (token != NULL && | 119 if (token != NULL) |
120 token->GetType() == TokenType_HttpHeader) | 120 { |
121 { | 121 // Also include the token in the HTTP headers of the query to the auth-service. |
122 // If the token source is a HTTP header, forward it also as a | |
123 // HTTP header except if it is the Authorization header that might conflict with username_ and password_ | |
124 std::string lowerTokenKey; | 122 std::string lowerTokenKey; |
125 Orthanc::Toolbox::ToLowerCase(lowerTokenKey, token->GetKey()); | 123 Orthanc::Toolbox::ToLowerCase(lowerTokenKey, token->GetKey()); |
126 | 124 |
125 // However, if we have defined a username/password to access this webservice, | |
126 // we should make sure that the added token does not interfere with the username_ and password_. | |
127 if (!(lowerTokenKey == "authorization" && !username_.empty())) | 127 if (!(lowerTokenKey == "authorization" && !username_.empty())) |
128 { | 128 { |
129 authClient.AddHeader(token->GetKey(), tokenValue); | 129 authClient.AddHeader(token->GetKey(), tokenValue); |
130 } | 130 } |
131 } | 131 } |