authentication_identifier comes from cookies, not headers

2023-11-09 13:50:45 -05:00 · 2023-11-09 13:50:45 -05:00 · 04e763116e
parent 52b90dd28a
commit 04e763116e
1 changed files with 1 additions and 1 deletions
--- a/spiffworkflow-backend/src/spiffworkflow_backend/routes/authentication_controller.py
+++ b/spiffworkflow-backend/src/spiffworkflow_backend/routes/authentication_controller.py
@ -350,7 +350,7 @@ def _get_user_model_from_token(token: str) -> UserModel | None:

        elif "iss" in decoded_token.keys():
            user_info = None
-            authentication_identifier = request.headers["authentication_identifier"]
+            authentication_identifier = request.cookies["authentication_identifier"]
            try:
                if AuthenticationService.validate_id_or_access_token(
                    token, authentication_identifier=authentication_identifier