feature: Parse only Bearer tokens and or unnamed tokens #96
Labels
feature-request
New feature or request
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I congratulate you on the plugin before I start!
Is your feature request related to a problem?
I request this feature because of WooCommerce, but in general any other plugin could work this way.
When the user is not logged in, I don't have a JWT to pass to WooCommerce endpoints.
So I am forced to use Basic Authorization or OAuth V1. But if I pass on the header one of these authorizations, this JWT plugin will intercept the header and throw an error because according to it it is invalid.
Describe the solution you'd like
My solution would be to force the token with the word
Bearerin front of it to be passed on the header. The new regex would be^(?:Bearer\s)(.*)$for the file BaseService.php line 168.If this is not possible, I would say that it would be great that if the value in the header starts with something other than
Bearerit would ignore the token. The regex then could be^(?:Bearer\s)?([^\s]+)$Additional context
You can test the problem by running the product call for WooCommerce using Basic Authorization or OAuth V1. Enabling auto login with the key in the
Authorizationheader.I know I can set this JWT plugin to read the value on a different key in the header but I would like to avoid.
The text was updated successfully, but these errors were encountered: