When trying to use HTTP Basic Auth together with another Auth scheme like JWT, you face two issues that are circumvented by this Pull Request.
First: It is not really supported to add multiple Authorization schemes (Authorization: Basic [BASIC-Token], Bearer [JWT-Token]). And second does this plugin always fails, if the "Authorization" header contains anything else than "Bearer ...".
Allowing a custom header field for the JWT Auth will make such situations work. In our case, it is for a testing environment where Basic Auth is always present.
The default should nevertheless remain the HTTP_AUTHORIZATION header.
This PR allows you to control the header field name to look for the JWT token by an entry within wp-config.php.
When trying to use HTTP Basic Auth together with another Auth scheme like JWT, you face two issues that are circumvented by this Pull Request. First: It is not really supported to add multiple Authorization schemes (Authorization: Basic [BASIC-Token], Bearer [JWT-Token]). And second does this plugin always fails, if the "Authorization" header contains anything else than "Bearer ...".
Allowing a custom header field for the JWT Auth will make such situations work. In our case, it is for a testing environment where Basic Auth is always present. The default should nevertheless remain the HTTP_AUTHORIZATION header.
This PR allows you to control the header field name to look for the JWT token by an entry within wp-config.php.
Best Regards, Jan