Make Authorization header auth-scheme case-insencitive (#2416)

src/main/scala/ScalatraBootstrap.scala

@@ -16,7 +16,7 @@ class ScalatraBootstrap extends LifeCycle with SystemSettingsService {
       context.getSessionCookieConfig.setSecure(true)
     }
 
-    // Register TransactionFilter and BasicAuthenticationFilter at first
+    // Register TransactionFilter at first
     context.addFilter("transactionFilter", new TransactionFilter)
     context
       .getFilterRegistration("transactionFilter")

src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala

@@ -24,7 +24,7 @@ class ApiAuthenticationFilter extends Filter with AccessTokenService with Accoun
     val response = res.asInstanceOf[HttpServletResponse]
     Option(request.getHeader("Authorization"))
       .map {
-        case auth if auth.startsWith("token ") =>
+        case auth if auth.toLowerCase().startsWith("token ") =>
           AccessTokenService.getAccountByAccessToken(auth.substring(6).trim).toRight(())
         case auth if auth.startsWith("Basic ") => doBasicAuth(auth, loadSystemSettings(), request).toRight(())
         case _                                 => Left(())

src/main/scala/gitbucket/core/util/Directory.scala

@@ -62,7 +62,7 @@ object Directory {
     new File(getRepositoryFilesDir(owner, repository), "releases")
 
   /**
-   * Directory for files which are attached to issue.
+   * Directory for Git LFS files.
    */
   def getLfsDir(owner: String, repository: String): File =
     new File(getRepositoryFilesDir(owner, repository), "lfs")