(r *http.Request)
| 27 | ) |
| 28 | |
| 29 | func (api *API) scimVerifyAuthHeader(r *http.Request) bool { |
| 30 | bearer := []byte("bearer ") |
| 31 | hdr := []byte(r.Header.Get("Authorization")) |
| 32 | |
| 33 | // Use toLower to make the comparison case-insensitive. |
| 34 | if len(hdr) >= len(bearer) && subtle.ConstantTimeCompare(bytes.ToLower(hdr[:len(bearer)]), bearer) == 1 { |
| 35 | hdr = hdr[len(bearer):] |
| 36 | } |
| 37 | |
| 38 | return len(api.SCIMAPIKey) != 0 && subtle.ConstantTimeCompare(hdr, api.SCIMAPIKey) == 1 |
| 39 | } |
| 40 | |
| 41 | func scimUnauthorized(rw http.ResponseWriter) { |
| 42 | _ = handlerutil.WriteError(rw, scim.NewHTTPError(http.StatusUnauthorized, "invalidAuthorization", xerrors.New("invalid authorization"))) |
no test coverage detected