Skip to content

Commit 133b900

Browse files
jessecooperjessecooper
committed
remove case sensitivity from header checks
1 parent 32e7978 commit 133b900

1 file changed

Lines changed: 3 additions & 3 deletions

File tree

flask_authz/casbin_enforcer.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -74,10 +74,10 @@ def wrapper(*args, **kwargs):
7474
owner.strip('"'), uri, request.method
7575
):
7676
return func(*args, **kwargs)
77-
for header in self.app.config.get("CASBIN_OWNER_HEADERS"):
77+
for header in map(str.lower, self.app.config.get("CASBIN_OWNER_HEADERS")):
7878
if header in request.headers:
7979
# Make Authorization Header Parser standard
80-
if header == "Authorization":
80+
if header == "authorization":
8181
# Get Auth Value then decode and parse for owner
8282
try:
8383
owner = authorization_decoder(request.headers.get(header))
@@ -104,7 +104,7 @@ def wrapper(*args, **kwargs):
104104
"Enforce against owner: %s header: %s"
105105
% (owner.strip('"'), header)
106106
)
107-
if self.user_name_headers and header in self.user_name_headers:
107+
if self.user_name_headers and header in map(str.lower, self.user_name_headers):
108108
owner_audit = owner
109109
if self.e.enforce(
110110
owner.strip('"'), uri, request.method

0 commit comments

Comments
 (0)