ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-01 16:33:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #342 from gaomd/master

Browse Source 
Fix #328, strict check Bearer token
This commit is contained in:
Alex Bilbie 2015-08-21 09:00:02 +01:00
commit 2496653968
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/TokenType/Bearer.php
View File

@ -38,9 +38,16 @@ class Bearer extends AbstractTokenType implements TokenTypeInterface
*/ */
public function determineAccessTokenInHeader(Request $request) public function determineAccessTokenInHeader(Request $request)
{ {
$header = $request->headers->get('Authorization'); if ($request->headers->has('Authorization') === false) {
$accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header)); return;
}
return ($accessToken === 'Bearer') ? '' : $accessToken; $header = $request->headers->get('Authorization');
if (substr($header, 0, 7) !== 'Bearer ') {
return;
}
return trim(substr($header, 7));
} }
} }