mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #23924 from nextcloud/backport/23920/stable20 

[stable20] Bearer must be in the start of the auth header
This commit is contained in:
Morris Jobke 2020-11-06 22:10:01 +01:00 committed by GitHub
parent 93211e7ded c9bf32b454
commit a2c9915ca4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/private/User/Session.php
View File

@ -814,15 +814,15 @@ class Session implements IUserSession, Emitter {
*/
public function tryTokenLogin(IRequest $request) {
$authHeader = $request->getHeader('Authorization');
if (strpos($authHeader, 'Bearer ') === false) {
if (strpos($authHeader, 'Bearer ') === 0) {
$token = substr($authHeader, 7);
} else {
// No auth header, let's try session id
try {
$token = $this->session->getId();
} catch (SessionNotAvailableException $ex) {
return false;
}
} else {
$token = substr($authHeader, 7);
}
if (!$this->loginWithToken($token)) {