(shenyu) branch master updated: fix authorization conflict (#5381)

Sat, 23 Dec 2023 22:03:21 -0800 

This is an automated email from the ASF dual-hosted git repository.

hefengen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shenyu.git


The following commit(s) were added to refs/heads/master by this push:
     new da9e6a69cb fix authorization conflict (#5381)
da9e6a69cb is described below

commit da9e6a69cb4d397a5e5b30bd2a2cec2251ca1309
Author: NanMu <[email protected]>
AuthorDate: Sun Dec 24 14:02:55 2023 +0800

    fix authorization conflict (#5381)
    
    Co-authored-by: ‘xcsnx’ <‘[email protected]’>
---
 .../src/main/java/org/apache/shenyu/common/constant/Constants.java | 7 ++++++-
 .../apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java   | 5 ++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git 
a/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java 
b/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java
index 8cb9910056..aeea5e5615 100644
--- 
a/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java
+++ 
b/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java
@@ -231,7 +231,12 @@ public interface Constants {
      * The constant URI.
      */
     String URI = "uri";
-    
+
+    /**
+     * The constant header key of sign plugin version-2.
+     */
+    String SHENYU_AUTHORIZATION = "ShenYu-Authorization";
+
     /**
      * The constant LINE_SEPARATOR.
      */
diff --git 
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
 
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
index 5e3f4b1511..44a943b5c2 100644
--- 
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
+++ 
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
@@ -26,6 +26,7 @@ import org.springframework.http.HttpRequest;
 
 import java.util.Base64;
 import java.util.Map;
+import java.util.Optional;
 
 import static 
org.apache.shenyu.plugin.sign.extractor.DefaultExtractor.VERSION_2;
 
@@ -34,7 +35,9 @@ public class VersionTwoExtractor implements 
SignParameterExtractor {
     @Override
     public SignParameters extract(final HttpRequest httpRequest) {
 
-        String token = 
httpRequest.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
+        // use ShenYu-Authorization to avoid conflict with another 
Authorization
+        String token = 
Optional.ofNullable(httpRequest.getHeaders().getFirst(Constants.SHENYU_AUTHORIZATION))
+                
.orElse(httpRequest.getHeaders().getFirst(HttpHeaders.AUTHORIZATION));
 
         if (StringUtils.isEmpty(token) || !token.contains(".")) {
             return new SignParameters();

Reply via email to