TeslaGov/ngx-http-auth-jwt-module

Get JWT from other HTTP headers

DerZade opened this issue · 1 comments

As far as I can see from the code, you can only load the JWT from either the Authorization header or from a cookie. Would be nice if you could also configure this module to load it from another header like the Proxy-Authorization header for example.

Yes, I completely agree. We'd need to support the header value being just the JWT or bearer <JWT>, and allow you to specify the header name in the directive, e.g. auth_jwt_validation_type HEADER=my-header.