From 7d7f51cb3afd8c88a0c616b88c8be9fefc2f0e4c Mon Sep 17 00:00:00 2001
From: Constantin Bergatt
Date: Tue, 11 Jun 2024 08:53:37 +0200
Subject: [PATCH] BC-6453 - make jwt extraction more general
---
 .../authorization-client/authorization-client.adapter.ts | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/apps/server/src/infra/authorization-client/authorization-client.adapter.ts b/apps/server/src/infra/authorization-client/authorization-client.adapter.ts
index 46ac9eafd2d..b4442cdbef4 100644
--- a/apps/server/src/infra/authorization-client/authorization-client.adapter.ts
+++ b/apps/server/src/infra/authorization-client/authorization-client.adapter.ts
@@ -35,7 +35,10 @@ export class AuthorizationClientAdapter {
 private getJWT(): string {
 const getJWT = ExtractJwt.fromExtractors([ExtractJwt.fromAuthHeaderAsBearerToken(), this.fromCookie('jwt')]);
- const jwt = getJWT(this.request) || this.request.headers.authorization;
+ let jwt = getJWT(this.request) || this.request.headers.authorization;
+ if (jwt?.toLowerCase()?.startsWith('bearer ')) {
+ [, jwt] = jwt.split(' ');
+ }
 if (!jwt) {
 throw new UnauthorizedException('Authentication is required.');
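Review bot: The added prefix strip in `getJWT` only recognises `bearer ` followed by exactly one space, so the raw `this.request.headers.authorization` fallback still passes any other scheme (a `Basic …` credential, for instance) through unchanged as the JWT. A value such as `Bearer  <token>` with two spaces becomes an empty string and ends in the 401 branch. The rest of `getJWT` and its callers are outside the hunk, but if the value is forwarded to the authorization service and only JWTs are expected, I would normalise and shape-check in one step before the `!jwt` test: `const match = /^(?:bearer\s+)?([\w-]+\.[\w-]+\.[\w-]+)$/i.exec(jwt ?? '');` followed by `jwt = match?.[1];`. The second `?.` in `jwt?.toLowerCase()?.startsWith('bearer ')` is redundant, because `toLowerCase()` always returns a string.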