Fixing Issue #120

2015-01-15 17:21:00 -08:00 · 2015-01-15 17:21:00 -08:00 · de56109c16
parent 4a635835af
commit de56109c16
2 changed files with 24 additions and 1 deletions
--- a/src/Microsoft.AspNet.Security.OAuthBearer/OAuthBearerAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Security.OAuthBearer/OAuthBearerAuthenticationHandler.cs
@ -60,6 +60,13 @@ namespace Microsoft.AspNet.Security.OAuthBearer
                }

                string authorization = Request.Headers.Get("Authorization");
+
+                // If no authorization header found, nothing to process further
+                if (String.IsNullOrEmpty(authorization))
+                {
+                    return null;
+                }
+
                if (authorization.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
                {
                     token = authorization.Substring("Bearer ".Length).Trim();
--- a/test/Microsoft.AspNet.Security.Test/OAuthBearer/OAuthBearerMiddlewareTests.cs
+++ b/test/Microsoft.AspNet.Security.Test/OAuthBearer/OAuthBearerMiddlewareTests.cs
@ -66,6 +66,22 @@ namespace Microsoft.AspNet.Security.OAuthBearer
            return Task.FromResult<object>(null);
        }

+        [Fact]
+        public async Task NoHeaderReceived()
+        {
+            var server = CreateServer(options => { });
+            var response = await SendAsync(server, "http://example.com/oauth");
+            response.Response.StatusCode.ShouldBe(HttpStatusCode.OK);
+        }
+
+        [Fact]
+        public async Task HeaderWithoutBearerReceived()
+        {
+            var server = CreateServer(options => { });
+            var response = await SendAsync(server, "http://example.com/oauth","Token");
+            response.Response.StatusCode.ShouldBe(HttpStatusCode.OK);
+        }
+
        [Fact]
        public async Task CustomTokenReceived()
        {
@ -235,4 +251,4 @@ namespace Microsoft.AspNet.Security.OAuthBearer
            public XElement ResponseElement { get; set; }
        }
    }
-}
+}