Mercurial > hg > orthanc-authorization
diff Plugin/AuthorizationWebService.cpp @ 154:ae1bd3d15f81
add GET argument tokens as HTTP headers in the query to the auth-service
author | Alain Mazy <am@osimis.io> |
---|---|
date | Mon, 18 Mar 2024 14:52:33 +0100 |
parents | 9be1ee2b8fe1 |
children | c4b908970ae4 |
line wrap: on
line diff
--- a/Plugin/AuthorizationWebService.cpp Mon Mar 18 11:58:20 2024 +0100 +++ b/Plugin/AuthorizationWebService.cpp Mon Mar 18 14:52:33 2024 +0100 @@ -116,14 +116,14 @@ authClient.AddHeader("Expect", ""); authClient.SetTimeout(10); - if (token != NULL && - token->GetType() == TokenType_HttpHeader) + if (token != NULL) { - // If the token source is a HTTP header, forward it also as a - // HTTP header except if it is the Authorization header that might conflict with username_ and password_ + // Also include the token in the HTTP headers of the query to the auth-service. std::string lowerTokenKey; Orthanc::Toolbox::ToLowerCase(lowerTokenKey, token->GetKey()); + // However, if we have defined a username/password to access this webservice, + // we should make sure that the added token does not interfere with the username_ and password_. if (!(lowerTokenKey == "authorization" && !username_.empty())) { authClient.AddHeader(token->GetKey(), tokenValue);