diff options
| author | Alan Crosswell <alan@columbia.edu> | 2021-05-26 15:14:09 -0400 |
|---|---|---|
| committer | Alan Crosswell <alan@columbia.edu> | 2021-05-29 09:59:00 -0400 |
| commit | 9f2e8ff1e4b94af4677c6eb12b710d2c74deae68 (patch) | |
| tree | 28d4371734dac9e4b74feb7a4994a696bb2dbab3 | |
| parent | 05e671a41641746802f6ae6155f79fdcb13a3c6a (diff) | |
| download | oauthlib-9f2e8ff1e4b94af4677c6eb12b710d2c74deae68.tar.gz | |
handle another case of assuming the token starts after 'Bearer '
| -rw-r--r-- | oauthlib/openid/connect/core/tokens.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/oauthlib/openid/connect/core/tokens.py b/oauthlib/openid/connect/core/tokens.py index 299c5ca..ffc2467 100644 --- a/oauthlib/openid/connect/core/tokens.py +++ b/oauthlib/openid/connect/core/tokens.py @@ -46,8 +46,9 @@ class JWTToken(TokenBase): token, request.scopes, request) def estimate_type(self, request): - token = request.headers.get('Authorization', '')[7:] - if token.startswith('ey') and token.count('.') in (2, 4): - return 10 - else: - return 0 + split_header = request.headers.get('Authorization').split() + if len(split_header) == 2 and split_header[0].lower() == 'bearer': + token = split_header[1] + if token.startswith('ey') and token.count('.') in (2, 4): + return 10 + return 0 |