This is an automated email from the ASF dual-hosted git repository.
hefengen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shenyu.git
The following commit(s) were added to refs/heads/master by this push:
new da9e6a69cb fix authorization conflict (#5381)
da9e6a69cb is described below
commit da9e6a69cb4d397a5e5b30bd2a2cec2251ca1309
Author: NanMu <[email protected]>
AuthorDate: Sun Dec 24 14:02:55 2023 +0800
fix authorization conflict (#5381)
Co-authored-by: ‘xcsnx’ <‘[email protected]’>
---
.../src/main/java/org/apache/shenyu/common/constant/Constants.java | 7 ++++++-
.../apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java | 5 ++++-
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git
a/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java
b/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java
index 8cb9910056..aeea5e5615 100644
---
a/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java
+++
b/shenyu-common/src/main/java/org/apache/shenyu/common/constant/Constants.java
@@ -231,7 +231,12 @@ public interface Constants {
* The constant URI.
*/
String URI = "uri";
-
+
+ /**
+ * The constant header key of sign plugin version-2.
+ */
+ String SHENYU_AUTHORIZATION = "ShenYu-Authorization";
+
/**
* The constant LINE_SEPARATOR.
*/
diff --git
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
index 5e3f4b1511..44a943b5c2 100644
---
a/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
+++
b/shenyu-plugin/shenyu-plugin-security/shenyu-plugin-sign/src/main/java/org/apache/shenyu/plugin/sign/extractor/VersionTwoExtractor.java
@@ -26,6 +26,7 @@ import org.springframework.http.HttpRequest;
import java.util.Base64;
import java.util.Map;
+import java.util.Optional;
import static
org.apache.shenyu.plugin.sign.extractor.DefaultExtractor.VERSION_2;
@@ -34,7 +35,9 @@ public class VersionTwoExtractor implements
SignParameterExtractor {
@Override
public SignParameters extract(final HttpRequest httpRequest) {
- String token =
httpRequest.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
+ // use ShenYu-Authorization to avoid conflict with another
Authorization
+ String token =
Optional.ofNullable(httpRequest.getHeaders().getFirst(Constants.SHENYU_AUTHORIZATION))
+
.orElse(httpRequest.getHeaders().getFirst(HttpHeaders.AUTHORIZATION));
if (StringUtils.isEmpty(token) || !token.contains(".")) {
return new SignParameters();