nodece commented on code in PR #16650:
URL: https://github.com/apache/pulsar/pull/16650#discussion_r923439228
##########
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderToken.java:
##########
@@ -387,4 +387,26 @@ public boolean isExpired() {
return expiration < System.currentTimeMillis();
}
}
+
+ private static final class HttpServletRequestWrapper extends
javax.servlet.http.HttpServletRequestWrapper {
+ private final HttpServletRequest request;
+
+ public HttpServletRequestWrapper(HttpServletRequest request) {
+ super(request);
+ this.request = request;
+ }
+
+ @Override
+ public String getHeader(String name) {
+ // The browser javascript WebSocket client couldn't add the auth
param to the request header, use the
+ // query param `token` to transport the auth token for the browser
javascript WebSocket client.
+ if (name.equals(HTTP_HEADER_NAME) &&
request.getHeader(HTTP_HEADER_NAME) == null) {
+ String token = request.getParameter(TOKEN);
+ if (token != null &&
!token.startsWith(HTTP_HEADER_VALUE_PREFIX)) {
Review Comment:
You are right!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
