make word "bearer" in http auth header case insensitive (#1963)

Signed-off-by: Kent Rancourt <[email protected]>
brigadecore · May 24, 2022 · 6872ada · 6872ada
1 parent 8ca05f7
commit 6872ada
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/v2/apiserver/internal/api/rest/token_auth_filter.go b/v2/apiserver/internal/api/rest/token_auth_filter.go
@@ -111,7 +111,8 @@ func (t *tokenAuthFilter) Decorate(handle http.HandlerFunc) http.HandlerFunc {
 			" ",
 			2,
 		)
-		if len(headerValueParts) != 2 || headerValueParts[0] != "Bearer" {
+		if len(headerValueParts) != 2 ||
+			strings.ToLower(headerValueParts[0]) != "bearer" {
 			t.writeResponse(
 				w,
 				http.StatusUnauthorized,