GitHub user adrianhaj added a comment to the discussion: How to use two jwt 
headers one for normal flow "Authorization" and second for service to service 
"X-Service-Authorization"

Hi @GutOFF, I was able to implement this using a different approach. First I
created my own `CustomSecurityManager`, where I have the logic, and I override this method:
```
    def before_request(self):
        """Process authentication before each request"""
        super(CustomSecurityManager, self).before_request()

        # Check if user is not already authenticated
        if not g.user or not g.user.is_authenticated:
            # Check if we have a validated service token
            service_token = request.headers.get(self.token_header_name)
            if not service_token:
                return
            try:
                token_data = self.token_validator.validate_token(service_token)
                self._handle_service_login(token_data)
            except ValueError as e:
                self.logger.warning(f"Service token validation failed: {str(e)}")
                # If token is present but invalid, deny access
                abort(401, description=f"Invalid service account token: {str(e)}")
```

GitHub link: 
https://github.com/apache/superset/discussions/33131#discussioncomment-13167958
