giftless
giftless copied to clipboard
datopian
JWT Authorization Header Causes 400
When I add an authorization header which includes a JWT token to the repository configuration:
git config http.https://lfs.sp-tarkov.com/sp-tarkov/.extraheader "Authorization: Bearer TOKEN"
I would expect the requests to be authorized based on the token provided.
It seams the PUT requests are received with two authorization headers, which ends up being interpreted as a "Bad Request", error 400.
> PUT /sp-tarkov/server/objects/storage/4072225a6cbf17ff1fbe30af5197627ab9316d0f1412a465203d5c839e121475 HTTP/1.1
> Host: lfs.sp-tarkov.com
> Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6ImdpZnRsZXNzLWludGVybmFsLWp3dC1rZXkifQ.eyJleHAiOjE3MzMyODc1NDIsImlhdCI6MTczMzI4NzQ4MiwibmJmIjoxNzMzMjg3NDgyLCJzdWIiOiJyZWZyaW5nZSIsIm5hbWUiOiJyZWZyaW5nZSIsInNjb3BlcyI6Im9iajpzcC10YXJrb3Yvc2VydmVyLzQwNzIyMjVhNmNiZjE3ZmYxZmJlMzBhZjUxOTc2MjdhYjkzMTZkMGYxNDEyYTQ2NTIwM2Q1YzgzOWUxMjE0NzU6d3JpdGUifQ.BIQimoboa9wwRwlYHdCeMp5qfzwIahE-6rXSo7T_cBg
> Authorization: Bearer TOKEN
> Content-Length: 12615
> Content-Type: text/plain; charset=utf-8
> User-Agent: git-lfs/3.5.1 (GitHub; darwin arm64; go 1.22.1)
>
{
"Enabled": false,
[...]
}
23:44:42.925961 trace git-lfs: HTTP: 400
< HTTP/2.0 400 Bad Request
< Content-Length: 150
< Content-Type: text/html
< Date: Wed, 04 Dec 2024 04:44:42 GMT
< Server: nginx
The first token seams to be an internal token.
Between this issue and #170, I'm not sure how to get simple JWT authentication working at the moment.
On the latest docker image: https://hub.docker.com/r/datopian/giftless/tags
