fix: Fix Authorization header value for unauthenticated users #247

Merged
merged 1 commit into from
Dec 21, 2024


anton-bcgov
Contributor

@anton-bcgov anton-bcgov commented Dec 21, 2024

Description

Fix Authorization header value for unauthenticated users

Before: Bearer undefined
After: Bearer

Why this is important

Before, on every unauthenticated request Keycloak was trying to decode the string "undefined" as a valid token and, of course, failed every time and never passed the AuthGuard.

When the token is empty, Keycloak skips the decoding part. In turn, this lets us set up public routes/queries like this:

  @Query(() => null, { name: 'testQuery' })
  @Unprotected(false) // in this context, `false` means "don't skip authentication if token is on the headers"
  async testQuery(@AuthenticatedUser() user) {
    // this logs undefined for unauthenticated users
    // and the decoded token value for authenticated users
    console.log(user);
  }

This means we can reuse the same query for both authenticated and unauthenticated experiences, but change how they are processed by the service. More context here
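
The difference between the two header values described above, as an added example that is not part of this pull request or the project's code. All function names are hypothetical, the guard is a simplified model rather than Keycloak's or the adapter's implementation, and the sample token is constructed.

```javascript
// Added illustration; every name here is hypothetical.

// "Before": a template literal stringifies undefined, so an anonymous
// request carries the non-empty credential "undefined".
function buildAuthHeaderBefore(token) {
  return `Bearer ${token}`;
}

// "After": a missing token produces an empty credential.
// (Assumption: how the project builds this value is not shown on the page.)
function buildAuthHeaderAfter(token) {
  return `Bearer ${token ?? ''}`.trim();
}

// Simplified model of a guard's first step: pull the bearer credential
// out of the Authorization header, or return null when there is none.
function extractBearer(header) {
  if (!header) return null;
  const [scheme, credential] = header.trim().split(/\s+/);
  if (!scheme || scheme.toLowerCase() !== 'bearer') return null;
  return credential || null;
}

// Decide how a route that allows optional authentication treats a request.
function classifyRequest(header) {
  const token = extractBearer(header);
  if (token === null) return 'anonymous'; // nothing to decode, user stays undefined
  // A compact JWT is three base64url segments separated by dots. Anything
  // else, including the literal string "undefined", can never verify.
  if (!/^[\w-]+\.[\w-]+\.[\w-]+$/.test(token)) return 'rejected';
  return 'needs-verification'; // signature and claims checks would follow
}

// Constructed sample token (shape only, not a real JWT).
const SAMPLE_TOKEN = 'aaa.bbb.ccc';

console.log(classifyRequest(buildAuthHeaderBefore(undefined)));   // rejected
console.log(classifyRequest(buildAuthHeaderAfter(undefined)));    // anonymous
console.log(classifyRequest(buildAuthHeaderAfter(SAMPLE_TOKEN))); // needs-verification
```

The shape check only separates "no credential" from "malformed credential"; a token that passes it still has to go through full signature and claims validation.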


Thanks for the PR!

Deployments, as required, will be available below:

Please create PRs in draft mode. Mark as ready to enable:

After merge, new images are deployed in:

@anton-bcgov anton-bcgov requested a review from a team as a code owner December 21, 2024 00:34
@anton-bcgov anton-bcgov changed the title Fix Authorization header value for unauthenticated users fix: Fix Authorization header value for unauthenticated users Dec 21, 2024
@anton-bcgov anton-bcgov merged commit f4cba73 into dev Dec 21, 2024
16 of 17 checks passed
@anton-bcgov anton-bcgov deleted the anton/auth-header-fix branch December 21, 2024 01:39