Browse code
Merge pull request #12382 from liggitt/invalid-bearer
- pkg/auth/authenticator/request/bearertoken/bearertoken.go
- pkg/auth/authenticator/request/bearertoken/bearertoken_test.go
| ... | ... |
@@ -1,6 +1,7 @@ |
| 1 | 1 |
package bearertoken |
| 2 | 2 |
|
| 3 | 3 |
import ( |
| 4 |
+ "errors" |
|
| 4 | 5 |
"net/http" |
| 5 | 6 |
"strings" |
| 6 | 7 |
|
| ... | ... |
@@ -19,6 +20,8 @@ func New(auth authenticator.Token, removeHeader bool) *Authenticator {
|
| 19 | 19 |
return &Authenticator{auth, removeHeader}
|
| 20 | 20 |
} |
| 21 | 21 |
|
| 22 |
+var invalidToken = errors.New("invalid bearer token")
|
|
| 23 |
+ |
|
| 22 | 24 |
func (a *Authenticator) AuthenticateRequest(req *http.Request) (user.Info, bool, error) {
|
| 23 | 25 |
auth := strings.TrimSpace(req.Header.Get("Authorization"))
|
| 24 | 26 |
if auth == "" {
|
| ... | ... |
@@ -40,5 +43,8 @@ func (a *Authenticator) AuthenticateRequest(req *http.Request) (user.Info, bool, |
| 40 | 40 |
if ok && a.removeHeader {
|
| 41 | 41 |
req.Header.Del("Authorization")
|
| 42 | 42 |
} |
| 43 |
+ if !ok && err == nil {
|
|
| 44 |
+ err = invalidToken |
|
| 45 |
+ } |
|
| 43 | 46 |
return user, ok, err |
| 44 | 47 |
} |