mirror
/
jwt
mirror of https://github.com/golang-jwt/jwt.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

Refactor to use strings.EqualFold (#329)

This commit is contained in:
Oleksandr Redko 2023-08-03 18:27:46 +03:00 committed by GitHub
parent fc86f52277
commit 8aa5d6cef8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
request/extractor.go
View File

@ -90,7 +90,7 @@ func (e BearerExtractor) ExtractToken(req *http.Request) (string, error) {
tokenHeader := req.Header.Get("Authorization")
// The usual convention is for "Bearer" to be title-cased. However, there's no
// strict rule around this, and it's best to follow the robustness principle here.
if len(tokenHeader) < 7 || !strings.HasPrefix(strings.ToLower(tokenHeader[:7]), "bearer ") {
if len(tokenHeader) < 7 || !strings.EqualFold(tokenHeader[:7], "bearer ") {
return "", ErrNoTokenInRequest
}
return tokenHeader[7:], nil

2
request/oauth2.go
View File

@ -7,7 +7,7 @@ import (
// Strips 'Bearer ' prefix from bearer token string
func stripBearerPrefixFromTokenString(tok string) (string, error) {
// Should be a bearer token
if len(tok) > 6 && strings.ToUpper(tok[0:7]) == "BEARER " {
if len(tok) > 6 && strings.EqualFold(tok[:7], "bearer ") {
return tok[7:], nil
}
return tok, nil