From 1c5ce11d13e7144091ce9a983ed0be6fbdb95c45 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= <essen@ninenines.eu>
Date: Wed, 6 Feb 2013 19:16:06 +0100
Subject: Strip whitespaces when authorization type is unknown

---
 src/cowboy_http.erl | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/cowboy_http.erl b/src/cowboy_http.erl
index a78e090..f3ff687 100644
--- a/src/cowboy_http.erl
+++ b/src/cowboy_http.erl
@@ -817,7 +817,7 @@ authorization(UserPass, Type = <<"basic">>) ->
 				end)
 		end);
 authorization(String, Type) ->
-	{Type, String}.
+	cowboy_http:whitespace(String, fun(Rest) -> {Type, Rest} end).
 
 %% @doc Parse user credentials.
 -spec authorization_basic_userid(binary(), fun()) -> any().
@@ -1347,9 +1347,11 @@ http_authorization_test_() ->
 	 ?_assertEqual({error, badarg},
 		authorization(<<"dXNlcm5hbWUK">>, <<"basic">>)),
 	 ?_assertEqual({error, badarg},
-		 authorization(<<"_[]@#$%^&*()-AA==">>, <<"basic">>)),
+		authorization(<<"_[]@#$%^&*()-AA==">>, <<"basic">>)),
 	 ?_assertEqual({error, badarg},
-		authorization(<<"dXNlcjpwYXNzCA==">>, <<"basic">>))  %% user:pass\010
+		authorization(<<"dXNlcjpwYXNzCA==">>, <<"basic">>)), %% user:pass\010
+	 ?_assertEqual({<<"bearer">>,<<"some_secret_key">>},
+		authorization(<<" some_secret_key">>, <<"bearer">>))
 	].
 
 -endif.
-- 
cgit v1.2.3