From d525f25b853b6acf5c1c330dc3dba3c550d22032 Mon Sep 17 00:00:00 2001
From: Stefan W
Date: Wed, 16 Aug 2023 14:27:45 +0200
Subject: [PATCH] [MIG] auth_jwt - cors preflight fix
---
 auth_jwt/__manifest__.py | 2 +-
 auth_jwt/models/ir_http.py | 11 +++++++----
 auth_jwt_demo/tests/test_auth_jwt_demo.py | 2 +-
 3 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/auth_jwt/__manifest__.py b/auth_jwt/__manifest__.py
index e16d861c90..1975aeac30 100644
--- a/auth_jwt/__manifest__.py
+++ b/auth_jwt/__manifest__.py
@@ -5,7 +5,7 @@
 "name": "Auth JWT",
 "summary": """
 JWT bearer token authentication.""",
- "version": "13.0.1.1.0",
+ "version": "13.0.1.1.1",
 "license": "AGPL-3",
 "author": "ACSONE SA/NV,Odoo Community Association (OCA)",
 "maintainers": ["sbidoul"],
diff --git a/auth_jwt/models/ir_http.py b/auth_jwt/models/ir_http.py
index 2e286e0339..94b86aecec 100644
--- a/auth_jwt/models/ir_http.py
+++ b/auth_jwt/models/ir_http.py
@@ -24,7 +24,7 @@ class IrHttpJwt(models.AbstractModel):
 _inherit = "ir.http"
 
 @classmethod
- def _authenticate(cls, auth_method="user"):
+ def _authenticate(cls, endpoint):
 """Protect the _authenticate method.
 
 This is to ensure that the _authenticate method is called
@@ -32,6 +32,9 @@ def _authenticate(cls, auth_method="user"):
 When migrating, review this method carefully by reading the original
 _authenticate method and make sure the conditions have not changed.
 """
+ auth_method = endpoint.routing["auth"]
+ if request._is_cors_preflight(endpoint):
+ auth_method = 'none'
 if (
 auth_method in ("jwt", "public_or_jwt")
 or auth_method.startswith("jwt_")
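Review bot: The new signature `_authenticate(cls, endpoint)` in the `@@ -24,7 +24,7 @@` hunk drops the `auth_method="user"` parameter, while the manifest in this same patch still declares the 13.0 series (`13.0.1.1.1`). If the base `ir.http._authenticate` on the targeted Odoo series is still invoked with an auth-method string, the `endpoint.routing["auth"]` lookup added in the next hunk would fail on every request, and any caller or override still passing `auth_method` breaks as well. Confirm which series this branch targets, and update the docstring to state the new contract, e.g. `The caller passes the routing endpoint; the auth method is read from endpoint.routing["auth"].` The body of `_authenticate` continues outside this hunk.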
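Review bot: Forcing `auth_method = 'none'` for a CORS preflight in the `@@ -32,6 +32,9 @@` hunk means the session-mismatch guard further down (`request.uid and not hasattr(request, "jwt_payload")`) is never evaluated for those requests, and neither the code nor the docstring records that this is deliberate. The exemption is exactly as wide as the private helper `request._is_cors_preflight(endpoint)` makes it, and its conditions are not visible here; presumably it matches only `OPTIONS` requests on routes declared with `cors`, which should be re-checked on each migration as the docstring already asks for the rest of the method. I would add a comment such as `# CORS preflight: no Authorization header is sent, so the JWT guard below is intentionally skipped.` The patch also adds no test for the new branch; a case in `auth_jwt_demo` asserting that a non-preflight request without a token to a JWT route is still rejected would pin the boundary. The function starts before and ends after this hunk.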
@@ -47,10 +50,10 @@ def _authenticate(cls, auth_method="user"):
 # because _authenticate will not call _auth_method_jwt a second time.
 if request.uid and not hasattr(request, "jwt_payload"):
 _logger.error(
- "A route with auth='jwt' should not have a request.uid here."
+ 'A route with auth="jwt" should not have a request.uid here.'
 )
 raise UnauthorizedSessionMismatch()
- return super()._authenticate(auth_method)
+ return super()._authenticate(endpoint)
 
 @classmethod
 def _auth_method_jwt(cls, validator_name=None):
@@ -90,4 +93,4 @@ def _get_bearer_token(cls):
 if not mo:
 _logger.info("Malformed Authorization header.")
 raise UnauthorizedMalformedAuthorizationHeader()
- return mo.group(1)
+ return mo.group(1)
\ No newline at end of file
diff --git a/auth_jwt_demo/tests/test_auth_jwt_demo.py b/auth_jwt_demo/tests/test_auth_jwt_demo.py
index cccb769faa..eac25256c0 100644
--- a/auth_jwt_demo/tests/test_auth_jwt_demo.py
+++ b/auth_jwt_demo/tests/test_auth_jwt_demo.py
@@ -25,7 +25,7 @@ def _get_token(self, aud=None, email=None):
 if email:
 payload["email"] = email
 access_token = jwt.encode(
- payload, key=validator.secret_key, algorithm=validator.secret_algorithm,
+ payload, key=validator.secret_key, algorithm=validator.secret_algorithm
 )
 return "Bearer " + access_token
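Review bot: In the `@@ -47,10 +50,10 @@` hunk of `auth_jwt/models/ir_http.py`, the rewritten `_logger.error` literal only swaps the quote characters, which is unrelated to the preflight fix and departs from the double-quoted literals in the surrounding context lines. It also changes the emitted text from `auth='jwt'` to `auth="jwt"`, so any log search or alert keyed on the old message for this session/JWT mismatch would stop matching; I would keep `"A route with auth='jwt' should not have a request.uid here."`. If the message is to be touched at all, adding triage context is the more useful change, e.g. `"A route with auth='jwt' should not have a request.uid here (uid=%s).", request.uid`. `_authenticate` begins outside this hunk.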