diff --git a/src/Symfony/Component/Security/Http/AccessToken/HeaderAccessTokenExtractor.php b/src/Symfony/Component/Security/Http/AccessToken/HeaderAccessTokenExtractor.php
index 487b87c24633d..0903d178babc3 100644
--- a/src/Symfony/Component/Security/Http/AccessToken/HeaderAccessTokenExtractor.php
+++ b/src/Symfony/Component/Security/Http/AccessToken/HeaderAccessTokenExtractor.php
@@ -29,7 +29,7 @@ public function __construct(
 private readonly string $tokenType = 'Bearer'
 ) {
 $this->regex = sprintf(
- '/^%s([a-zA-Z0-9\-_\+~\/\.]+)$/',
+ '/^%s([a-zA-Z0-9\-_\+~\/\.]+=*)$/',
 '' === $this->tokenType ? '' : preg_quote($this->tokenType).'\s+'
 );
 }
diff --git a/src/Symfony/Component/Security/Http/Tests/Authenticator/AccessTokenAuthenticatorTest.php b/src/Symfony/Component/Security/Http/Tests/Authenticator/AccessTokenAuthenticatorTest.php
index 4f010000429dd..5ee4869b431ae 100644
--- a/src/Symfony/Component/Security/Http/Tests/Authenticator/AccessTokenAuthenticatorTest.php
+++ b/src/Symfony/Component/Security/Http/Tests/Authenticator/AccessTokenAuthenticatorTest.php
@@ -18,6 +18,7 @@
 use Symfony\Component\Security\Core\User\InMemoryUserProvider;
 use Symfony\Component\Security\Http\AccessToken\AccessTokenExtractorInterface;
 use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
+use Symfony\Component\Security\Http\AccessToken\HeaderAccessTokenExtractor;
 use Symfony\Component\Security\Http\Authenticator\AccessTokenAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\FallbackUserLoader;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
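Review bot: The trailing `$` in the new pattern in `HeaderAccessTokenExtractor::__construct()` also matches just before a final newline, so a header value ending in `\n` is still accepted even though the capture group itself excludes it; anchoring with `\z`, as in `'/^%s([a-zA-Z0-9\-_\+~\/\.]+=*)\z/',`, makes the end of the credential exact. The optional `=*` padding follows the `b64token` grammar of RFC 6750 section 2.1, and a one-line comment above the `sprintf()` naming that grammar would explain why `=` is allowed only at the end. Separately, the unchanged `preg_quote($this->tokenType)` call passes no delimiter, so a configured token type containing `/` would yield an invalid pattern; `preg_quote($this->tokenType, '/')` avoids that. The constructor starts above the hunk, so how `$this->regex` is consumed is not visible here.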
@@ -159,4 +160,31 @@ public function testAuthenticateWithFallbackUserLoader()
 $this->assertEquals('test', $passport->getUser()->getUserIdentifier());
 }
+
+ /**
+ * @dataProvider provideAccessTokenHeaderRegex
+ */
+ public function testAccessTokenHeaderRegex(string $input, ?string $expectedToken)
+ {
+ // Given
+ $extractor = new HeaderAccessTokenExtractor();
+ $request = Request::create('/test', 'GET', [], [], [], ['HTTP_AUTHORIZATION' => $input]);
+
+ // When
+ $token = $extractor->extractAccessToken($request);
+
+ // Then
+ $this->assertEquals($expectedToken, $token);
+ }
+
+ public function provideAccessTokenHeaderRegex(): array
+ {
+ return [
+ ['Bearer token', 'token'],
+ ['Bearer mF_9.B5f-4.1JqM', 'mF_9.B5f-4.1JqM'],
+ ['Bearer d3JvbmdfcmVnZXhwX2V4bWFwbGU=', 'd3JvbmdfcmVnZXhwX2V4bWFwbGU='],
+ ['Bearer Not Valid', null],
+ ['Bearer (NotOK123)', null],
+ ];
+ }
 }
pFad - Phonifier reborn
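Review bot: `assertEquals` compares loosely, so in `testAccessTokenHeaderRegex` an extractor that returned `''` instead of `null` for a rejected header would still pass the two negative rows; `$this->assertSame($expectedToken, $token);` pins the exact result. The provider also has no rows for misplaced padding, which is the behaviour this commit changes: `['Bearer =', null],` and `['Bearer ab=cd', null],` would confirm that `=` is accepted only after at least one token character and only at the end. `provideAccessTokenHeaderRegex()` is an instance method; newer PHPUnit versions expect data providers to be `public static`.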
