From 5a69060c77149abb2eed0e02c068116cab784cdf Mon Sep 17 00:00:00 2001
From: Joe DeCock
Date: Wed, 23 Aug 2023 14:05:41 -0500
Subject: [PATCH] Fall back to bearer token type

Sometimes in customized scenarios, the token type might be unavailable. If that happens, we will now fall back to assuming the token is a bearer token.
---
 src/Duende.Bff/Extensions/HttpContextExtensions.cs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/Duende.Bff/Extensions/HttpContextExtensions.cs b/src/Duende.Bff/Extensions/HttpContextExtensions.cs
index 573b4de3..d77d90f9 100644
--- a/src/Duende.Bff/Extensions/HttpContextExtensions.cs
+++ b/src/Duende.Bff/Extensions/HttpContextExtensions.cs
@@ -59,8 +59,11 @@ public static async Task GetManagedAccessToken(this HttpConte
 new AccessTokenRetrievalError("Missing DPoP Json Web Key for DPoP token"),
 { AccessTokenType: string accessTokenType } =>
 new AccessTokenRetrievalError($"Unexpected access token type: {accessTokenType} - should be one of 'DPoP' or 'Bearer'"),
- { AccessTokenType: null } =>
- new AccessTokenRetrievalError("Missing access token type - should be one of 'DPoP' or 'Bearer'")
+ { AccessTokenType: null } =>
+ // Fall back to bearer tokens when the access token type is absent.
+ // In some edge cases, we've seen bearer tokens not have their type specified.
+ // But that wouldn't be the case if you had a DPoP token.
+ new BearerTokenResult(token.AccessToken)
 };

 static async Task GetUserOrClientAccessTokenAsync(HttpContext context, UserTokenRequestParameters? userAccessTokenParameters)
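Review bot: The new `{ AccessTokenType: null }` arm takes a missing type as proof that the token is a bearer token, but nothing in the arm checks this. If a customized token store drops the type of a DPoP-bound token, the token is returned as a plain bearer token without its proof, and an API that does not enforce the binding would accept the downgrade. I would limit the fallback to tokens that carry no proof key and keep an error for the rest, e.g. `{ AccessTokenType: null, DPoPJsonWebKey: null } => new BearerTokenResult(token.AccessToken),` followed by `{ AccessTokenType: null } => new AccessTokenRetrievalError("Missing access token type for a token that has a DPoP key")`; the property name is assumed from the DPoP arms, which sit above the hunk together with the start of the switch. An empty type string still lands in the `string accessTokenType` arm and is rejected, so only a null type gets the fallback. The fallback is also silent, and a log entry when it is taken would make a misconfigured store visible.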