From d5aa5b61ad2eac7eb9c06b7b67d4309a8ea07d7c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Dach?= Date: Tue, 13 Jan 2026 10:55:51 +0100 Subject: [PATCH] Replace manual specification of `Authorization` header with SignalR-provided provider property The property used here is listed in SignalR documentation: https://learn.microsoft.com/en-us/aspnet/core/signalr/authn-and-authz?view=aspnetcore-10.0#bearer-token-authentication While in practice this probably has zero bearing on anything, theoretically the way proposed in this commit is more correct. As the documentation states, with some transports the token may need to be renewed if it expires, which providing it via a header as done previously would not achieve, while going through `API.AccessToken` every time will perform a token refresh if one is needed. --- osu.Game/Online/HubClientConnector.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/osu.Game/Online/HubClientConnector.cs b/osu.Game/Online/HubClientConnector.cs index e6391e8810..7ccf763e62 100644 --- a/osu.Game/Online/HubClientConnector.cs +++ b/osu.Game/Online/HubClientConnector.cs @@ -65,7 +65,7 @@ namespace osu.Game.Online options.Proxy.Credentials = CredentialCache.DefaultCredentials; } - options.Headers.Add(@"Authorization", @$"Bearer {API.AccessToken}"); + options.AccessTokenProvider = () => Task.FromResult(API.AccessToken); // non-standard header name kept for backwards compatibility, can be removed after server side has migrated to `VERSION_HASH_HEADER` options.Headers.Add(@"OsuVersionHash", versionHash); options.Headers.Add(VERSION_HASH_HEADER, versionHash);