Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Throw Exception When Only 'Bearer' is Specified in Authorization Header #2801

Closed
marevol opened this issue Jan 28, 2024 · 0 comments
Closed

Throw Exception When Only 'Bearer' is Specified in Authorization Header #2801

marevol opened this issue Jan 28, 2024 · 0 comments
Assignees
@marevol
Labels
improvement
Milestone
14.12.0

Comments

@marevol
Copy link
Contributor

marevol commented Jan 28, 2024

We have updated the AccessTokenHelper class to enhance security measures. Previously, our code did not throw an exception when only "Bearer" was specified in the Authorization header without an accompanying token. This update rectifies this oversight. Now, when the Authorization header contains only "Bearer" with no token, our system will throw an InvalidAccessTokenException. This change ensures that invalid or incomplete authorization attempts are properly handled, improving the robustness of our authorization process.
@marevol marevol added this to the 14.12.0 milestone Jan 28, 2024
@marevol marevol self-assigned this Jan 28, 2024
marevol added a commit that referenced this issue Jan 28, 2024
@marevol
fix #2801 Updated AccessTokenHelper to throw exception when only 'Bea…
b50b0b9 
…rer' is specified in Authorization header
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marevol marevol

Labels
improvement
Projects
None yet
Milestone
14.12.0
Development

No branches or pull requests
1 participant
@marevol