diff --git a/request/extractor.go b/request/extractor.go
index 03d8e4b..9ef5f06 100644
--- a/request/extractor.go
+++ b/request/extractor.go
@@ -90,7 +90,7 @@ func (e BearerExtractor) ExtractToken(req *http.Request) (string, error) {
 	tokenHeader := req.Header.Get("Authorization")
 	// The usual convention is for "Bearer" to be title-cased. However, there's no
 	// strict rule around this, and it's best to follow the robustness principle here.
-	if len(tokenHeader) < 7 || !strings.HasPrefix(strings.ToLower(tokenHeader[:7]), "bearer ") {
+	if len(tokenHeader) < 7 || !strings.EqualFold(tokenHeader[:7], "bearer ") {
 		return "", ErrNoTokenInRequest
 	}
 	return tokenHeader[7:], nil
diff --git a/request/oauth2.go b/request/oauth2.go
index 5860a53..9f88c3e 100644
--- a/request/oauth2.go
+++ b/request/oauth2.go
@@ -7,7 +7,7 @@ import (
 // Strips 'Bearer ' prefix from bearer token string
 func stripBearerPrefixFromTokenString(tok string) (string, error) {
 	// Should be a bearer token
-	if len(tok) > 6 && strings.ToUpper(tok[0:7]) == "BEARER " {
+	if len(tok) > 6 && strings.EqualFold(tok[:7], "bearer ") {
 		return tok[7:], nil
 	}
 	return tok, nil