Merge pull request #652 from rickshawhobo/4.1.x

less restrictive on Authorization header check
thephpleague · Sep 13, 2016 · 084b779 · 084b779
2 parents c5db707 + 491f3f0
commit 084b779
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/ResourceServer.php b/src/ResourceServer.php
@@ -138,7 +138,7 @@ public function isValidRequest($headerOnly = true, $accessToken = null)
      */
     public function determineAccessToken($headerOnly = false)
     {
-        if ($this->getRequest()->headers->get('Authorization') !== null) {
+        if (!empty($this->getRequest()->headers->get('Authorization'))) {
             $accessToken = $this->getTokenType()->determineAccessTokenInHeader($this->getRequest());
         } elseif ($headerOnly === false && (! $this->getTokenType() instanceof MAC)) {
             $accessToken = ($this->getRequest()->server->get('REQUEST_METHOD') === 'GET')