proxy: also set the "Www-Authenticate" header for graph request

There doesn't seem to be a good reason to treat the graph service differently here.
2026-02-18 03:18:52 -06:00 · 2023-10-05 16:38:01 +02:00
parent 951e1e5a09
commit dfeff633fa
1 changed files with 1 additions and 7 deletions
--- a/services/proxy/pkg/middleware/authentication.go
+++ b/services/proxy/pkg/middleware/authentication.go
@@ -89,13 +89,7 @@ func Authentication(auths []Authenticator, opts ...Option) func(next http.Handle
 				}

 				// if the request is not bound to any user agent, write all available challenges
-				if !touch &&
-					// This is a temporary hack... Before the authentication middleware rewrite all
-					// unauthenticated requests were still handled. The reva http services then did add
-					// the supported authentication headers to the response. Since we are not allowing the
-					// requests to continue so far we have to do it here. But we shouldn't do it for the graph service.
-					// That's the reason for this hard check here.
-					!strings.HasPrefix(r.URL.Path, "/graph") {
+				if !touch {
 					writeSupportedAuthenticateHeader(w, r)
 				}
 			}