From 9839cafdd504f5ec40a123f0b4e3c4c33580afc9 Mon Sep 17 00:00:00 2001
From: Darin Kelkhoff
Date: Thu, 4 Aug 2022 13:20:47 -0500
Subject: [PATCH] Changes pushed to qqq-middleware-javalin (solo-repo) in 0.2 support
---
 .../javalin/QJavalinImplementation.java | 32 +++++++++++++++++--
 1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/qqq-middleware-javalin/src/main/java/com/kingsrook/qqq/backend/javalin/QJavalinImplementation.java b/qqq-middleware-javalin/src/main/java/com/kingsrook/qqq/backend/javalin/QJavalinImplementation.java
index 2dddf8d6..b67241ee 100644
--- a/qqq-middleware-javalin/src/main/java/com/kingsrook/qqq/backend/javalin/QJavalinImplementation.java
+++ b/qqq-middleware-javalin/src/main/java/com/kingsrook/qqq/backend/javalin/QJavalinImplementation.java
@@ -251,11 +251,39 @@ public class QJavalinImplementation try { Map authenticationContext = new HashMap<>(); - authenticationContext.put(SESSION_ID_COOKIE_NAME, context.cookie(SESSION_ID_COOKIE_NAME)); + + ///////////////////////////////////////////////////////////////////////////////// + // look for a token in either the sessionId cookie, or an Authorization header // + ///////////////////////////////////////////////////////////////////////////////// + String sessionIdCookieValue = context.cookie(SESSION_ID_COOKIE_NAME); + if(StringUtils.hasContent(sessionIdCookieValue)) + { + authenticationContext.put(SESSION_ID_COOKIE_NAME, sessionIdCookieValue); + } + else + { + String authorizationHeaderValue = context.header("Authorization"); + if (authorizationHeaderValue != null) + { + String bearerPrefix = "Bearer "; + if(authorizationHeaderValue.startsWith(bearerPrefix)) + { + authorizationHeaderValue = authorizationHeaderValue.replaceFirst(bearerPrefix, ""); + } + authenticationContext.put(SESSION_ID_COOKIE_NAME, authorizationHeaderValue); + } + } + QSession session = authenticationModule.createSession(qInstance, authenticationContext); input.setSession(session); - context.cookie(SESSION_ID_COOKIE_NAME, session.getIdReference(), SESSION_COOKIE_AGE); + ///////////////////////////////////////////////////////////////////////////////// + // if we got a session id cookie in, then send it back with updated cookie age // + ///////////////////////////////////////////////////////////////////////////////// + if(StringUtils.hasContent(sessionIdCookieValue)) + { + context.cookie(SESSION_ID_COOKIE_NAME, session.getIdReference(), SESSION_COOKIE_AGE); + } } catch(QAuthenticationException qae) {
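Review bot: In the `else` branch, an `Authorization` header that does not start with `Bearer ` is still copied verbatim into `authenticationContext` under `SESSION_ID_COOKIE_NAME`, so a `Basic …` credential or a lowercase `bearer …` value (auth schemes are case-insensitive per RFC 7235) is handed to `authenticationModule.createSession` under the session-id key. The `put` should move inside the prefix check so that only a recognised Bearer value is forwarded, e.g. `if(authorizationHeaderValue.regionMatches(true, 0, bearerPrefix, 0, bearerPrefix.length()))` guarding `authenticationContext.put(SESSION_ID_COOKIE_NAME, authorizationHeaderValue.substring(bearerPrefix.length()).trim());`. Using `substring` also avoids `replaceFirst` interpreting the prefix as a regular expression. The `authorizationHeaderValue != null` test could use `StringUtils.hasContent` like the cookie check above it, so that an empty header is not stored as a token. The enclosing method begins and ends outside the hunk, so how the module treats an unrecognised value cannot be confirmed from here.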