fix zosmf mock to support Bearer auth header

Signed-off-by: Richard Salac <[email protected]>

mock-services/src/main/java/org/zowe/apiml/client/services/apars/FunctionalApar.java

@@ -13,6 +13,7 @@
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.util.StringUtils;
 import org.zowe.apiml.client.model.LoginBody;
 import org.zowe.apiml.client.services.JwtTokenService;
 
@@ -218,6 +219,19 @@ protected boolean isValidJwtCookie(Map<String, String> headers) {
 
     }
 
+    protected boolean isValidAuthHeader(String authHeader) {
+        if (!StringUtils.hasText(authHeader)) {
+            return false;
+        }
+
+        if (authHeader.startsWith("Bearer")) {
+            var jwtToken = authHeader.length() > 8 ? authHeader.substring(7) : "";
+            return jwtTokenService.validateJwtToken(jwtToken);
+        }
+
+        return true;
+    }
+
     private String getAuthCookie(Map<String, String> headers) {
         return headers.get(COOKIE_HEADER) != null ? headers.get(COOKIE_HEADER) : headers.get(HttpHeaders.COOKIE);
     }

mock-services/src/main/java/org/zowe/apiml/client/services/apars/PHBase.java

@@ -70,7 +70,7 @@ protected ResponseEntity<?> handleFiles(Map<String, String> headers) {
         String authorization = headers.get(AUTHORIZATION_HEADER);
 
         if (authorization != null) {
-            if (authorization.startsWith("Bearer")) {
+            if (!isValidAuthHeader(authorization)) {
                 return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
             }
         } else {