diff --git a/userfront/lib/core/services/auth_proxy_service.dart b/userfront/lib/core/services/auth_proxy_service.dart index 3ca09ca8..d5178f06 100644 --- a/userfront/lib/core/services/auth_proxy_service.dart +++ b/userfront/lib/core/services/auth_proxy_service.dart @@ -3,6 +3,7 @@ import 'package:http/http.dart' as http; import 'package:flutter_dotenv/flutter_dotenv.dart'; import 'http_client.dart'; import 'web_window.dart'; +import 'auth_token_store.dart'; class AuthProxyService { static String _envOrDefault(String key, String fallback) { @@ -596,11 +597,21 @@ class AuthProxyService { static Future> fetchLinkedRps() async { final url = Uri.parse('$_baseUrl/api/v1/user/rp/linked'); - final client = createHttpClient(withCredentials: true); + final useCookie = AuthTokenStore.usesCookie(); + final token = AuthTokenStore.getToken(); + + final client = createHttpClient(withCredentials: useCookie); + final headers = { + 'Content-Type': 'application/json', + }; + if (!useCookie && token != null) { + headers['Authorization'] = 'Bearer $token'; + } + try { final response = await client.get( url, - headers: {'Content-Type': 'application/json'}, + headers: headers, ); if (response.statusCode == 200) { @@ -616,11 +627,21 @@ class AuthProxyService { static Future revokeLinkedRp(String clientId) async { final url = Uri.parse('$_baseUrl/api/v1/user/rp/linked/$clientId'); - final client = createHttpClient(withCredentials: true); + final useCookie = AuthTokenStore.usesCookie(); + final token = AuthTokenStore.getToken(); + + final client = createHttpClient(withCredentials: useCookie); + final headers = { + 'Content-Type': 'application/json', + }; + if (!useCookie && token != null) { + headers['Authorization'] = 'Bearer $token'; + } + try { final response = await client.delete( url, - headers: {'Content-Type': 'application/json'}, + headers: headers, ); if (response.statusCode != 200) {