I'm trying to develop an Android app for a WordPress/WooCommerce website. I can't seem to catch the Authorization header. I am using JWT Auth Plugin, I've set up the secret key and cors=true in wp-config.
define('JWT_AUTH_SECRET_KEY', 'qP>:$YKu7H%6#I&!i.delK^`Ehkm]k~4A*rJ3f<vJj+{ZKgTzRsEt<*PxRxhy;(t');
define('JWT_AUTH_CORS_ENABLE', true);
I've added every possible line I found on the internet to .htacces, currently I'm only with what the plugin requires, these are placed below "RewriteEngine On" and are at the top and above all others.
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
This was the common fix throughout all the people who had this problem. I tried Advanced Access Manager and it worked with it's customized Authentication header, but it returned "not logged in" when I tried /users/me with the token it gave me.
I've also tried editing class-jwt-auth-public.php file:
if (!$auth) {
$allHeaders = getallheaders();
$auth = isset($allHeaders['Authorization']) ?
$allHeaders['Authorization'] : false;
}
I'm using REST API LOG to analyze the requests and see that the Authorization header is not sent. Requests were sent with Postman and from my S7 Edge. I am losing my mind these few days trying to get this to work. Hopefully, you guys can help.