From 825619b11d73d0e27461f8870a47e75469800d32 Mon Sep 17 00:00:00 2001
From: Zoe Roux <zoe.roux@zoriya.dev>
Date: Sun, 23 Mar 2025 23:52:31 +0100
Subject: [PATCH] Make `/jwt` return an `Authorization` header for traefik

---
 auth/jwt.go               | 2 ++
 docker-compose.dev-v5.yml | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/auth/jwt.go b/auth/jwt.go
index 91aacec4..07a4b495 100644
--- a/auth/jwt.go
+++ b/auth/jwt.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/x509"
 	"encoding/pem"
+	"fmt"
 	"maps"
 	"net/http"
 	"strings"
@@ -67,6 +68,7 @@ func (h *Handler) CreateJwt(c echo.Context) error {
 	if err != nil {
 		return err
 	}
+	c.Response().Header().Add("Authorization", fmt.Sprintf("Bearer %s", t))
 	return c.JSON(http.StatusOK, Jwt{
 		Token: t,
 	})
diff --git a/docker-compose.dev-v5.yml b/docker-compose.dev-v5.yml
index 985be9e4..fda1355a 100644
--- a/docker-compose.dev-v5.yml
+++ b/docker-compose.dev-v5.yml
@@ -86,8 +86,8 @@ services:
       - "traefik.http.routers.api.rule=PathPrefix(`/api/`)"
       - "traefik.http.routers.api.middlewares=phantom-token"
       - "traefik.http.middlewares.phantom-token.forwardauth.address=http://auth:4568/auth/jwt"
-      - "traefik.http.middlewares.phantom-token.forwardauth.authResponseHeaders=Authorization"
       - "traefik.http.middlewares.phantom-token.forwardauth.authRequestHeaders=Authorization,X-Api-Key"
+      - "traefik.http.middlewares.phantom-token.forwardauth.authResponseHeaders=Authorization"
 
   # scanner:
   #   build: ./scanner