feat: Add Bearer token auth (#22498)

* feat: add bearer token support * fix: updating to use equalfold
2021-10-13 09:02:32 -10:00 · 2021-10-13 09:02:32 -10:00 · 1ba6581e74
parent ca992e9fff
commit 1ba6581e74
2 changed files with 31 additions and 4 deletions
--- a/http/tokens.go
+++ b/http/tokens.go
@ -7,7 +7,10 @@ import (
 	"strings"
 )

-const tokenScheme = "Token " // TODO(goller): I'd like this to be Bearer
+const (
+	tokenScheme  = "Token "
+	bearerScheme = "Bearer "
+)

 // errors
 var (
@ -21,10 +24,16 @@ func GetToken(r *http.Request) (string, error) {
 	if header == "" {
 		return "", ErrAuthHeaderMissing
 	}
-	if !strings.HasPrefix(header, tokenScheme) {
-		return "", ErrAuthBadScheme
+
+	if len(header) >= len(tokenScheme) &&
+		strings.EqualFold(header[:len(tokenScheme)], tokenScheme) {
+		return header[len(tokenScheme):], nil
+	} else if len(header) > len(bearerScheme) &&
+		strings.EqualFold(header[:len(bearerScheme)], bearerScheme) {
+		return header[len(bearerScheme):], nil
 	}
-	return header[len(tokenScheme):], nil
+
+	return "", ErrAuthBadScheme
 }

 // SetToken adds the token to the request.
--- a/http/tokens_test.go
+++ b/http/tokens_test.go
@ -56,6 +56,24 @@ func TestGetToken(t *testing.T) {
 				result: "tok2",
 			},
 		},
+		{
+			name: "bearer token",
+			args: args{
+				header: "Bearer tok2",
+			},
+			wants: wants{
+				result: "tok2",
+			},
+		},
+		{
+			name: "short header",
+			args: args{
+				header: "a",
+			},
+			wants: wants{
+				err: ErrAuthBadScheme,
+			},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {