Hello,
During our integration of Collabora Online into our app, we have encountered a strange issue. After submitting the form with WOPISrc URL and access_token (WOPISrc in URL, access_token through form, just like in sample applications) to the editor URL retrieved from discovery XML, the editor fails to load, complaining it can’t read the file.
From the logs, we found out that when trying to retrieve CheckFileInfo URL, Collabora sends both access_token parameter and Authorzation: Bearer header with the same value as the access_token to the backend server. This confuses the Spring application running in the backend since it treats both the header and the access_token parameter as authentication tokens.
Is this behavior normal ? Is there any way to disable it ? We could adapt our backend application to ignore the Authorization header (or the access_token) but I wanted to know whether it is possible to fix without altering the code.
Collabora version is 23.05.10.1 (git baa6eef)
Spring application with custom WOPI backend.