Skip to content

Commit

Permalink
Merge pull request #23920 from nextcloud/fix/match_bearer_front
Browse files Browse the repository at this point in the history 
Bearer must be in the start of the auth header
  • Loading branch information
@MorrisJobke
MorrisJobke committed Nov 6, 2020
2 parents 9feacee + e93823c commit 2c6bbe7
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions lib/private/User/Session.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -814,15 +814,15 @@ private function validateToken($token, $user = null) {
*/
public function tryTokenLogin(IRequest $request) {
$authHeader = $request->getHeader('Authorization');
if (strpos($authHeader, 'Bearer ') === false) {
if (strpos($authHeader, 'Bearer ') === 0) {
$token = substr($authHeader, 7);
} else {
// No auth header, let's try session id
try {
$token = $this->session->getId();
} catch (SessionNotAvailableException $ex) {
return false;
}
} else {
$token = substr($authHeader, 7);
}

if (!$this->loginWithToken($token)) {
Expand Down

0 comments on commit 2c6bbe7

Please sign in to comment.