Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/server.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorRoeland Jago Douma <roeland@famdouma.nl>2020-11-06 10:32:50 +0300
committerbackportbot[bot] <backportbot[bot]@users.noreply.github.com>2020-11-06 11:26:15 +0300
commit524e1f3c129274c5752892091ed4459a6a1c5c5e (patch)
treed8f31d6199dfee4acbccfe56948cde9c07fbd06e /lib
parent263dc717ac3ea42e37ab8f0944cf79f8777228a1 (diff)
Bearer must be in the start of the auth header
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib')
-rw-r--r--lib/private/User/Session.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 4aa9074b4a4..b3e9ce722c7 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -807,15 +807,15 @@ class Session implements IUserSession, Emitter {
*/
public function tryTokenLogin(IRequest $request) {
$authHeader = $request->getHeader('Authorization');
- if (strpos($authHeader, 'Bearer ') === false) {
+ if (strpos($authHeader, 'Bearer ') === 0) {
+ $token = substr($authHeader, 7);
+ } else {
// No auth header, let's try session id
try {
$token = $this->session->getId();
} catch (SessionNotAvailableException $ex) {
return false;
}
- } else {
- $token = substr($authHeader, 7);
}
if (!$this->loginWithToken($token)) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 17:30:51 +0300