Merge pull request #185 from DuendeSoftware/joe/fallback-to-bearer

Fall back to bearer token type
DuendeSoftware · Sep 2, 2023 · 09b2c93 · 09b2c93
2 parents f892352 + 5a69060
commit 09b2c93
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/src/Duende.Bff/Extensions/HttpContextExtensions.cs b/src/Duende.Bff/Extensions/HttpContextExtensions.cs
@@ -59,8 +59,11 @@ public static async Task<AccessTokenResult> GetManagedAccessToken(this HttpConte
                  new AccessTokenRetrievalError("Missing DPoP Json Web Key for DPoP token"),
             { AccessTokenType: string accessTokenType } =>
                 new AccessTokenRetrievalError($"Unexpected access token type: {accessTokenType} - should be one of 'DPoP' or 'Bearer'"),
-            { AccessTokenType: null } =>
-                new AccessTokenRetrievalError("Missing access token type - should be one of 'DPoP' or 'Bearer'")
+            { AccessTokenType: null } => 
+                // Fall back to bearer tokens when the access token type is absent.
+                // In some edge cases, we've seen bearer tokens not have their type specified.
+                // But that wouldn't be the case if you had a DPoP token.
+                new BearerTokenResult(token.AccessToken)
         };
 
         static async Task<ClientCredentialsToken> GetUserOrClientAccessTokenAsync(HttpContext context, UserTokenRequestParameters? userAccessTokenParameters)