Mercurial > hg > orthanc-authorization

diff Plugin/AuthorizationWebService.cpp @ 154:ae1bd3d15f81

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add GET argument tokens as HTTP headers in the query to the auth-service
author Alain Mazy <am@osimis.io>
date Mon, 18 Mar 2024 14:52:33 +0100
parents 9be1ee2b8fe1
children c4b908970ae4
line wrap: on
line diff
--- a/Plugin/AuthorizationWebService.cpp	Mon Mar 18 11:58:20 2024 +0100
+++ b/Plugin/AuthorizationWebService.cpp	Mon Mar 18 14:52:33 2024 +0100
@@ -116,14 +116,14 @@
     authClient.AddHeader("Expect", "");
     authClient.SetTimeout(10);
 
-    if (token != NULL &&
-        token->GetType() == TokenType_HttpHeader)
+    if (token != NULL) 
     {
-      // If the token source is a HTTP header, forward it also as a
-      // HTTP header except if it is the Authorization header that might conflict with username_ and password_
+      // Also include the token in the HTTP headers of the query to the auth-service.
       std::string lowerTokenKey;
       Orthanc::Toolbox::ToLowerCase(lowerTokenKey, token->GetKey());
       
+      // However, if we have defined a username/password to access this webservice, 
+      // we should make sure that the added token does not interfere with the username_ and password_.
       if (!(lowerTokenKey == "authorization" && !username_.empty()))
       {
         authClient.AddHeader(token->GetKey(), tokenValue);