Fix #328, strict check Bearer token

Mengdi Gao 2015-06-01 21:36:44 +08:00
parent c174b6fc65
commit 7934c7bb53


@ -38,9 +38,16 @@ class Bearer extends AbstractTokenType implements TokenTypeInterface
*/ */
public function determineAccessTokenInHeader(Request $request) public function determineAccessTokenInHeader(Request $request)
{ {
$header = $request->headers->get('Authorization'); if ($request->headers->has('Authorization') === false) {
$accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header)); return;
}
return ($accessToken === 'Bearer') ? '' : $accessToken; $header = $request->headers->get('Authorization');
if (substr($header, 0, 7) !== 'Bearer ') {
return;
}
return trim(substr($header, 7));
} }
} }
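Review bot: The final `return trim(substr($header, 7));` in determineAccessTokenInHeader() still yields an empty string when the header is only `Bearer ` followed by whitespace, while the two new early exits return null, so the method has two different "no token" results. Whether callers treat `''` like null is not visible in this hunk; if they only test for null, an empty token would be passed on to the token lookup. I would normalise it with `$token = trim(substr($header, 7));` followed by `return $token === '' ? null : $token;`. Separately, `substr($header, 0, 7) !== 'Bearer '` is case-sensitive although HTTP auth scheme names are case-insensitive (RFC 7235), so `bearer <token>` is now rejected; `strncasecmp($header, 'Bearer ', 7) !== 0` keeps the strict prefix check without that side effect. The docblock lies mostly outside the hunk, and its `@return` should read `string|null` to match the bare `return;` paths.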