Add bearer authentification (#3725)

Co-authored-by: mnival <extern.nival_michael@allianz.com>
2025-11-06 05:25:50 +01:00 · 2025-02-28 01:30:45 +01:00
parent 44b2320644
commit 9d69b9e980
1 changed files with 2 additions and 2 deletions
--- a/src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala
+++ b/src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala
@@ -25,8 +25,8 @@ class ApiAuthenticationFilter extends Filter with AccessTokenService with Accoun
    val response = res.asInstanceOf[HttpServletResponse]
    Option(request.getHeader("Authorization"))
      .map {
-        case auth if auth.toLowerCase().startsWith("token ") =>
+        case auth if auth.toLowerCase().startsWith("token ") || auth.toLowerCase().startsWith("bearer ") =>
-          AccessTokenService.getAccountByAccessToken(auth.substring(6).trim).toRight(())
+          AccessTokenService.getAccountByAccessToken(auth.substring(auth.indexOf(" ") + 1).trim).toRight(())
        case auth if auth.startsWith("Basic ") => doBasicAuth(auth, loadSystemSettings(), request).toRight(())
        case _                                 => Left(())
      }