openhab-core/bundles/org.openhab.core.io.rest.auth
Yannick Schaus 426bd112b7
[REST/Auth] Always accept tokens in the alt header (#1631)
Currently the AuthFilter will try to find a token in the
X-OPENHAB-TOKEN HTTP header - only when it finds a cookie
named X-OPENHAB-AUTH-HEADER. It can cause problems because
browsers or proxies might block the cookie from being sent
for various reasons (for instance if there's a path set
for it).

There is no downside IMHO to always try to fall back to
checking the X-OPENHAB-TOKEN header for a token, if and
only if it's not already provided in the Authorization
header. It is the responsibility of the client to decide
how it wants to authorize the request among the available
options - by checking a cookie, or something else entirely.

Also removed the '?api_key=' option because Swagger UI
doesn't provide tokens that way anymore.

Signed-off-by: Yannick Schaus <github@schaus.net>
2020-09-09 20:48:10 +02:00
..
src/main/java/org/openhab/core/io/rest/auth/internal [REST/Auth] Always accept tokens in the alt header (#1631) 2020-09-09 20:48:10 +02:00
.classpath Migrate to JAX-RS Whiteboard (#1443) 2020-05-14 22:32:35 +02:00
.project mavenize openHAB and integrate mavenized ESH repository (#467) 2019-01-28 13:07:31 +01:00
NOTICE Updated NOTICE files to openHAB (#578) 2019-02-15 10:46:18 +01:00
pom.xml Implementation of a JWT-based OAuth2 flow for the admin API (#1389) 2020-03-23 22:36:11 +01:00