Merge pull request #63 from marblestation/bugfix_default_access_token

Bugfix: Make sure access_token is not just the default value ('-')
adsabs · Aug 27, 2020 · 4abfc86 · 4abfc86
2 parents 6652f5b + ce1fd52
commit 4abfc86
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/vault_service/views/utils.py b/vault_service/views/utils.py
@@ -97,7 +97,10 @@ def check_request(request):
 
     new_headers = {}
     # by default, this service will always use the user's token -- the service token should be inserted here only on exceptional occassions
-    new_headers['Authorization'] = request.headers.get('X-Forwarded-Authorization', request.headers.get('Authorization', ''))
+    access_token = request.headers.get('X-Forwarded-Authorization')
+    if access_token in (None, '-'): # Make sure it is not just '-' (default value for other microservices)
+        access_token = request.headers.get('Authorization', '-')
+    new_headers['Authorization'] = access_token
     new_headers['X-Adsws-Uid'] = headers.get('X-Adsws-Uid', str(current_app.config['BOOTSTRAP_USER_ID'])) # User ID
 
     return (payload, new_headers)