Open in app

Sign in

Write

Sign in

There's a bug in Safari which seems to overrides headers with "Authorization" tags so this method…
1

Dinusha

Johannes Gontrum
Feb 24, 2021

Uh, interesting! To be honest, my first thought was that it sounds like some CORS issue, do you have a link to discussion about that issue?

The JWTBearer class inherits from the HTTPBearer class which we call here:

`credentials: HTTPAuthorizationCredentials = await super().__call__(request)`

I'd add a some custom logic before that to check your custom header first and only look in "Authorization" if it doesn't find anything there:

```

# Check in custom header first

authorization: str = request.headers.get("X-CustomAuthorizationHeader")

scheme, creds = get_authorization_scheme_param(authorization)

credentials = HTTPAuthorizationCredentials(

scheme=scheme, credentials=creds

) if authorization and scheme and creds else None

if not credentials:

credentials: HTTPAuthorizationCredentials = await super().__call__(request)

...

```

I haven't tested it tbh but this is roughly how I'd approach it.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Johannes Gontrum
Johannes Gontrum

Written by Johannes Gontrum

98 Followers
35 Following

❤️ building prototypes & MVPs for early-stage startups ⚙️

Responses (1)

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams