Skip to content

Commit 7f182c3

Browse files
hkreuterhkreuter
committed
OXDEV-8525 Spike authorization from cookies
1 parent 7fe2946 commit 7f182c3

1 file changed

Lines changed: 10 additions & 0 deletions

File tree

src/Framework/RequestReader.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
use Laminas\Diactoros\ServerRequestFactory;
1515
use Lcobucci\JWT\Configuration;
1616
use Lcobucci\JWT\UnencryptedToken;
17+
use OxidEsales\EshopCommunity\Core\Registry;
1718
use OxidEsales\GraphQL\Base\Exception\UnableToParseToken;
1819
use OxidEsales\GraphQL\Base\Service\JwtConfigurationBuilder;
1920
use OxidEsales\GraphQL\Base\Service\TokenValidator;
@@ -145,6 +146,10 @@ private function getAuthorizationHeader(): ?string
145146
return $value;
146147
}
147148

149+
if ($authCookie = $this->getAuthCookie()) {
150+
return 'Bearer ' . $authCookie;
151+
}
152+
148153
if (function_exists('apache_request_headers')) {
149154
$headers = apache_request_headers();
150155

@@ -160,6 +165,11 @@ private function getAuthorizationHeader(): ?string
160165
return null;
161166
}
162167

168+
private function getAuthCookie(): ?string
169+
{
170+
return (string) Registry::getUtilsServer()->getOxCookie('oxapi_jwt');
171+
}
172+
163173
private function getRegularHeaderValue(): ?string
164174
{
165175
if (isset($_SERVER['HTTP_AUTHORIZATION'])) {

0 commit comments

Comments
 (0)