From 9d69b9e980145ddf66cbc9a0f8a56ee1f52e6581 Mon Sep 17 00:00:00 2001
From: mnival <1595998+mnival@users.noreply.github.com>
Date: Fri, 28 Feb 2025 01:30:45 +0100
Subject: [PATCH] Add bearer authentification (#3725)

Co-authored-by: mnival <extern.nival_michael@allianz.com>
---
 .../gitbucket/core/servlet/ApiAuthenticationFilter.scala      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala b/src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala
index 5fc3554dc..f13cb5142 100644
--- a/src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala
+++ b/src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala
@@ -25,8 +25,8 @@ class ApiAuthenticationFilter extends Filter with AccessTokenService with Accoun
     val response = res.asInstanceOf[HttpServletResponse]
     Option(request.getHeader("Authorization"))
       .map {
-        case auth if auth.toLowerCase().startsWith("token ") =>
-          AccessTokenService.getAccountByAccessToken(auth.substring(6).trim).toRight(())
+        case auth if auth.toLowerCase().startsWith("token ") || auth.toLowerCase().startsWith("bearer ") =>
+          AccessTokenService.getAccountByAccessToken(auth.substring(auth.indexOf(" ") + 1).trim).toRight(())
         case auth if auth.startsWith("Basic ") => doBasicAuth(auth, loadSystemSettings(), request).toRight(())
         case _                                 => Left(())
       }