1
// Copyright (c) 2022 Gitpod GmbH. All rights reserved.
2
// Licensed under the GNU Affero General Public License (AGPL).
3
// See License.AGPL.txt in the project root for license information.
4

5
package auth
6

7
import (
8
	"errors"
9
	"fmt"
10
	"net/http"
11
	"strings"
12
)
13

14
var (
15
	NoAccessToken      = errors.New("missing access token")
16
	InvalidAccessToken = errors.New("invalid access token")
17
)
18

19
const bearerPrefix = "Bearer "
20
const authorizationHeaderKey = "Authorization"
21

22
func BearerTokenFromHeaders(h http.Header) (string, error) {
23
	authorization := strings.TrimSpace(h.Get(authorizationHeaderKey))
24
	if authorization == "" {
25
		return "", fmt.Errorf("empty authorization header: %w", NoAccessToken)
26
	}
27

28
	if !strings.HasPrefix(authorization, bearerPrefix) {
29
		return "", fmt.Errorf("authorization header does not have a Bearer prefix: %w", NoAccessToken)
30
	}
31

32
	return strings.TrimPrefix(authorization, bearerPrefix), nil
33
}
34

35