b64 regex token checks #127

jankapunkt · 2022-02-01T17:34:07Z

In the spec it is defined as it should start with Bearer followed with a whitespace. That's what the additional ^ in the regex is for. I think we should not support BeArEr @Uzlopak

b64token = 1*( ALPHA / DIGIT /
"-" / "." / "_" / "~" / "+" / "/" ) "="
credentials = "Bearer" 1SP b64token

But I do like the check provided for the second part. But that should be a different issue/pull request. Because that check should also be done on the result of generateAccessToken and generateRefreshToken.

jankapunkt · 2022-02-01T17:47:47Z

Does it make sense to implement this here: https://github.com/node-oauth/formats ?

jorenvandeweyer · 2023-08-27T12:14:41Z

The correct regex would be ^Bearer\s[0-9a-zA-Z-._~+/]+=*$

jankapunkt added good first issue ✅ Good for newcomers compliance 📜 OAuth 2.0 standard compliance labels Feb 1, 2022

This was referenced Aug 27, 2023

Improve bearer validation #234

Merged

improve bearer validation 4.x branch #235

Closed

jorenvandeweyer closed this as completed Sep 28, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

b64 regex token checks #127

b64 regex token checks #127

jankapunkt commented Feb 1, 2022

jankapunkt commented Feb 1, 2022

jorenvandeweyer commented Aug 27, 2023

b64 regex token checks #127

b64 regex token checks #127

Comments

jankapunkt commented Feb 1, 2022

jankapunkt commented Feb 1, 2022

jorenvandeweyer commented Aug 27, 2023