-rw-r--r-- | oauthlib/openid/connect/core/tokens.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/oauthlib/openid/connect/core/tokens.py b/oauthlib/openid/connect/core/tokens.py
index d24cb56..299c5ca 100644
--- a/oauthlib/openid/connect/core/tokens.py
+++ b/oauthlib/openid/connect/core/tokens.py
@@ -37,7 +37,9 @@ class JWTToken(TokenBase):
 def validate_request(self, request):
 token = None
 if 'Authorization' in request.headers:
- token = request.headers.get('Authorization')[7:]
+ split_header = request.headers.get('Authorization').split()
+ if len(split_header) == 2 and split_header[0].lower() == 'bearer':
+ token = split_header[1]
 else:
 token = request.access_token
 return self.request_validator.validate_jwt_bearer_token( |
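Review bot: When the `Authorization` header is present but is not a two-part `Bearer` credential (another scheme, an empty value, extra whitespace-separated parts), `token` stays `None` and is still passed to `validate_jwt_bearer_token`. Rejection then depends on every `request_validator` implementation treating `None` as invalid. Failing closed in `validate_request` itself would be safer, for example `if token is None: return False` just before the final `return`, assuming callers expect a boolean result. A one-line comment on the new branch would also help, such as `# Only "Bearer <token>" is accepted; any other header shape leaves token unset`. The arguments of the `validate_jwt_bearer_token(` call continue outside the hunk, so the rest of the method is not visible here.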