From 36a330e056cf11066190c65c63a08ab471d0e260 Mon Sep 17 00:00:00 2001
From: Vasilica Olariu <olariu.vasilica@gmail.com>
Date: Mon, 29 Sep 2025 09:09:42 +0300
Subject: [PATCH] PM-2131 - allow other types of authentication tokens
 throughout the app

---
 src/shared/guards/gitea-webhook-auth.guard.ts          | 2 +-
 src/shared/request/tokenRequestValidator.middleware.ts | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/shared/guards/gitea-webhook-auth.guard.ts b/src/shared/guards/gitea-webhook-auth.guard.ts
index 1506cfa..a1fd68f 100644
--- a/src/shared/guards/gitea-webhook-auth.guard.ts
+++ b/src/shared/guards/gitea-webhook-auth.guard.ts
@@ -45,7 +45,7 @@ export class GiteaWebhookAuthGuard implements CanActivate {
         throw new BadRequestException('Missing authorization header');
       }
 
-      if (authHeader !== `Bearer ${auth}`) {
+      if (authHeader !== `SecretKey ${auth}`) {
         this.logger.error('Invalid authorization header');
         throw new ForbiddenException('Invalid authorization');
       }
diff --git a/src/shared/request/tokenRequestValidator.middleware.ts b/src/shared/request/tokenRequestValidator.middleware.ts
index 24f7aae..a5a0194 100644
--- a/src/shared/request/tokenRequestValidator.middleware.ts
+++ b/src/shared/request/tokenRequestValidator.middleware.ts
@@ -22,7 +22,11 @@ export class TokenValidatorMiddleware implements NestMiddleware {
 
     const [type, idToken] = request.headers.authorization.split(' ') ?? [];
 
-    if (type !== 'Bearer' || !idToken) {
+    if (type !== 'Bearer') {
+      return next();
+    }
+    
+    if (!idToken) {
       throw new UnauthorizedException('Invalid or missing JWT!');
     }