From 184ed15ef6aa9ec130f98bce8be05e327b2f49cb Mon Sep 17 00:00:00 2001
From: David Fowler <davidfowl@gmail.com>
Date: Mon, 8 May 2023 00:21:24 -0700
Subject: [PATCH] Clean up the auth delegating handler

---
 src/Web/WebMVC/Extensions/Extensions.cs       |  5 ++++-
 ...ttpClientAuthorizationDelegatingHandler.cs | 22 +++----------------
 2 files changed, 7 insertions(+), 20 deletions(-)

diff --git a/src/Web/WebMVC/Extensions/Extensions.cs b/src/Web/WebMVC/Extensions/Extensions.cs
index 8c8a6843c..a35499a93 100644
--- a/src/Web/WebMVC/Extensions/Extensions.cs
+++ b/src/Web/WebMVC/Extensions/Extensions.cs
@@ -102,7 +102,10 @@ internal static class Extensions
             // Set the access token as a bearer token for the outgoing request
             var accessToken = await httpContext.GetTokenAsync("access_token");
 
-            proxyRequest.Headers.Authorization = new("Bearer", accessToken);
+            if (accessToken is not null)
+            {
+                proxyRequest.Headers.Authorization = new("Bearer", accessToken);
+            }
 
             await base.TransformRequestAsync(httpContext, proxyRequest, destinationPrefix, cancellationToken);
         }
diff --git a/src/Web/WebMVC/Infrastructure/HttpClientAuthorizationDelegatingHandler.cs b/src/Web/WebMVC/Infrastructure/HttpClientAuthorizationDelegatingHandler.cs
index e9f21a4f0..494a41270 100644
--- a/src/Web/WebMVC/Infrastructure/HttpClientAuthorizationDelegatingHandler.cs
+++ b/src/Web/WebMVC/Infrastructure/HttpClientAuthorizationDelegatingHandler.cs
@@ -12,29 +12,13 @@ public class HttpClientAuthorizationDelegatingHandler
 
     protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
     {
-        var authorizationHeader = _httpContextAccessor.HttpContext
-            .Request.Headers["Authorization"];
+        var accessToken = await _httpContextAccessor.HttpContext.GetTokenAsync("access_token");
 
-        if (!string.IsNullOrEmpty(authorizationHeader))
+        if (accessToken is not null)
         {
-            request.Headers.Add("Authorization", new List<string>() { authorizationHeader });
-        }
-
-        var token = await GetToken();
-
-        if (token != null)
-        {
-            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
         }
 
         return await base.SendAsync(request, cancellationToken);
     }
-
-    async Task<string> GetToken()
-    {
-        const string ACCESS_TOKEN = "access_token";
-
-        return await _httpContextAccessor.HttpContext
-            .GetTokenAsync(ACCESS_TOKEN);
-    }
 }