BC-6453 - allow also ONLY jwt in authorization header

apps/server/src/infra/authorization-client/authorization-client.adapter.spec.ts

@@ -200,6 +200,35 @@ describe(AuthorizationClientAdapter.name, () => {
 			);
 		});
 
+		it('should forward the JWT token from authorization header even without Bearer token', async () => {
+			setup();
+
+			const request = createMock<Request>({
+				headers: {
+					authorization: jwtToken,
+				},
+			});
+
+			const adapter = new AuthorizationClientAdapter(authorizationApi, request);
+
+			const params = {
+				context: {
+					action: Action.READ,
+					requiredPermissions: [],
+				},
+				referenceType: AuthorizationBodyParamsReferenceType.COURSES,
+				referenceId: 'someReferenceId',
+			};
+			const expectedOptions = { headers: { authorization: `Bearer ${jwtToken}` } };
+
+			await adapter.hasPermissionByReferences(params);
+
+			expect(authorizationApi.authorizationReferenceControllerAuthorizeByReference).toHaveBeenCalledWith(
+				params,
+				expectedOptions
+			);
+		});
+
 		it('should throw an UnauthorizedException if no JWT token is found', async () => {
 			const request = createMock<Request>({
 				headers: {},

apps/server/src/infra/authorization-client/authorization-client.adapter.ts

@@ -35,10 +35,7 @@ export class AuthorizationClientAdapter {
 
 	private getJWT(): string {
 		const getJWT = ExtractJwt.fromExtractors([ExtractJwt.fromAuthHeaderAsBearerToken(), this.fromCookie('jwt')]);
-		let jwt = getJWT(this.request) || this.request.headers.authorization;
-		if (jwt?.toLowerCase()?.startsWith('bearer ')) {
-			[, jwt] = jwt.split(' ');
-		}
+		const jwt = getJWT(this.request) || this.request.headers.authorization;
 
 		if (!jwt) {
 			throw new UnauthorizedException('Authentication is required.');