Merge pull request #412 from rubanooo/fix-token-header

Fixed token header in explorer

src/Controller/GraphQLExplorerController.php

@@ -16,6 +16,7 @@
 namespace Pimcore\Bundle\DataHubBundle\Controller;
 
 use Pimcore\Bundle\DataHubBundle\GraphQL\Service;
+use Pimcore\Bundle\DataHubBundle\Service\CheckConsumerPermissionsService;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Cache;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
@@ -57,7 +58,7 @@ public function explorerAction(RouterInterface $routingService, Request $request
 
         return $this->render('@PimcoreDataHub/Feature/explorer.html.twig', [
             'graphQLUrl' => $url,
-            'tokenHeader' => 'access-token'
+            'tokenHeader' => CheckConsumerPermissionsService::TOKEN_HEADER
         ]);
     }
 }

src/Service/CheckConsumerPermissionsService.php

@@ -20,6 +20,8 @@
 
 class CheckConsumerPermissionsService
 {
+    public const TOKEN_HEADER = 'X-API-Key';
+
     /**
      * @param Request $request
      * @param Configuration $configuration
@@ -32,7 +34,7 @@ public function performSecurityCheck(Request $request, Configuration $configurat
         if ($securityConfig['method'] === Configuration::SECURITYCONFIG_AUTH_APIKEY) {
             $apiKey = $request->headers->get('apikey');
             if (empty($apiKey)) {
-                $apiKey = $request->headers->get('X-API-Key');
+                $apiKey = $request->headers->get(static::TOKEN_HEADER);
             }
             if (empty($apiKey)) {
                 $apiKey = $request->get('apikey');