From d2f1109bdb38da4413d042d46573f56260bf4ad1 Mon Sep 17 00:00:00 2001
From: Giovanni Cardamone <g.cardamone2@gmail.com>
Date: Thu, 12 May 2022 20:25:51 +0200
Subject: [PATCH] fix: pick only Bearer in OpenId security

---
 src/index.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/index.ts b/src/index.ts
index 4804f97..b840636 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -366,7 +366,9 @@ function getOpenIdConnectSecurityData(
 	security: OpenIdConnectAuth,
 	request: FastifyRequest
 ) {
-	return request.headers.authorization
+	return request.headers.authorization?.startsWith('Bearer ')
+		? request.headers.authorization
+		: undefined
 }
 
 export * from './types'