Skip to content

Commit

Permalink
Handle empty or null authorization header prefix
Browse files Browse the repository at this point in the history
  • Loading branch information
@quentin-st @chalasr
quentin-st authored and chalasr committed Mar 2, 2017
1 parent 6366ca5 commit d2d3fc3
Showing 1 changed file with 9 additions and 3 deletions.
12 changes: 9 additions & 3 deletions TokenExtractor/AuthorizationHeaderTokenExtractor.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ class AuthorizationHeaderTokenExtractor implements TokenExtractorInterface
protected $name;

/**
* @param string $prefix
* @param string $name
* @param string|null $prefix
* @param string $name
*/
public function __construct($prefix, $name)
{
Expand All @@ -42,7 +42,13 @@ public function extract(Request $request)
return false;
}

$headerParts = explode(' ', $request->headers->get($this->name));
$authorizationHeader = $request->headers->get($this->name);

if (empty($this->prefix)) {
return $authorizationHeader;
}

$headerParts = explode(' ', $authorizationHeader);

if (!(count($headerParts) === 2 && $headerParts[0] === $this->prefix)) {
return false;
Expand Down

0 comments on commit d2d3fc3

Please sign in to comment.