diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2020-11-06 08:32:50 +0100 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2020-11-06 08:26:15 +0000 |
| commit | 524e1f3c129274c5752892091ed4459a6a1c5c5e (patch) | |
| tree | d8f31d6199dfee4acbccfe56948cde9c07fbd06e /lib | |
| parent | 263dc717ac3ea42e37ab8f0944cf79f8777228a1 (diff) | |
| download | nextcloud-server-524e1f3c129274c5752892091ed4459a6a1c5c5e.tar.gz nextcloud-server-524e1f3c129274c5752892091ed4459a6a1c5c5e.zip | |
Bearer must be in the start of the auth header
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/User/Session.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 4aa9074b4a4..b3e9ce722c7 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -807,15 +807,15 @@ class Session implements IUserSession, Emitter { */ public function tryTokenLogin(IRequest $request) { $authHeader = $request->getHeader('Authorization'); - if (strpos($authHeader, 'Bearer ') === false) { + if (strpos($authHeader, 'Bearer ') === 0) { + $token = substr($authHeader, 7); + } else { // No auth header, let's try session id try { $token = $this->session->getId(); } catch (SessionNotAvailableException $ex) { return false; } - } else { - $token = substr($authHeader, 7); } if (!$this->loginWithToken($token)) { |