fix: allow unauthenticated requests when BRIDGE_AUTH_TOKEN is not set
This commit is contained in:
parent
3047f818aa
commit
44a7869f0f
@ -18,15 +18,12 @@ func (s *StaticTokenAuthService) ValidateToken(token string) bool {
|
||||
|
||||
func (s *StaticTokenAuthService) ValidateAuthorizationHeader(header string) bool {
|
||||
header = strings.TrimSpace(header)
|
||||
if s.expectedToken == "" {
|
||||
return true
|
||||
}
|
||||
if header == "" {
|
||||
return false
|
||||
}
|
||||
if s.expectedToken == "" {
|
||||
if !strings.HasPrefix(strings.ToLower(header), "bearer ") {
|
||||
return false
|
||||
}
|
||||
return strings.TrimSpace(header[len("Bearer "):]) != ""
|
||||
}
|
||||
if header == s.expectedToken {
|
||||
return true
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user