JWT Authorization improvement

[djegithub]

Hi all,

I'm working with Ant media server enterprises 2.9.0 and code generation from the openapi with openapi-generator-maven-plugin

I'm using JWT authentication for the REST API and added the security scheme of the openapi:
"securitySchemes": {
"bearerAuth": {
"type": "http",
"scheme": "bearer",
"bearerFormat": "JWT"
}
}

The generation of code uses the standard Authorization header as defined here : https://www.rfc-editor.org/rfc/rfc6750#section-2.1 and there https://swagger.io/docs/specification/authentication/bearer-authentication/.
My issue is that Ant Media API takes a header: "Authorization: " instead of the standard "Authorization: Bearer". Ant Media is not wrong in the sense the "Bearer" part is a SHOULD in the RFC but it would be great if the server was able to cope with both so code generation works out of the box instead of adding workaround. For now, I need to add an extra filter to add an extra filter to fix that.

Would it be possible to apply this basic backward compatible fix? In java that I think is used:
headerValue.replaceFirst("^Bearer ", "")

Open for discussion :-)

[lastpeony]

Hello,
Yes we can also read jwt from Authorization: Bearer field if it does not exist on Authorization:
I converted this discussion to a feature request issue.
#6516
Thanks