From 2eed4d170c6ce16140dbd35a355bca232ba1ad6f Mon Sep 17 00:00:00 2001
From: flashwave
Date: Sun, 21 Jul 2024 01:37:32 +0000
Subject: [PATCH] Made the method part case insensitive.
---
 src/OAuth2/OAuth2Routes.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/OAuth2/OAuth2Routes.php b/src/OAuth2/OAuth2Routes.php
index 13c71b1..dce7567 100644
--- a/src/OAuth2/OAuth2Routes.php
+++ b/src/OAuth2/OAuth2Routes.php
@@ -402,7 +402,7 @@ final class OAuth2Routes extends RouteHandler {
 $content = $request->getContent();
 $authzHeader = explode(' ', (string)$request->getHeaderLine('Authorization'));
- if($authzHeader[0] === 'Basic') {
+ if(strcasecmp($authzHeader[0], 'Basic') === 0) {
 $authzHeader = explode(':', base64_decode($authzHeader[1] ?? ''));
 $clientId = $authzHeader[0];
 $clientSecret = $authzHeader[1] ?? '';
@@ -504,7 +504,7 @@ final class OAuth2Routes extends RouteHandler {
 // authz header should be the preferred method
 $authzHeader = explode(' ', (string)$request->getHeaderLine('Authorization'));
- if($authzHeader[0] === 'Basic') {
+ if(strcasecmp($authzHeader[0], 'Basic') === 0) {
 $authzHeader = explode(':', base64_decode($authzHeader[1] ?? ''));
 $clientId = $authzHeader[0];
 $clientSecret = $authzHeader[1] ?? '';
@@ -758,7 +758,7 @@ final class OAuth2Routes extends RouteHandler {
 #[HttpGet('/oauth2/check_token_do_not_rely_on_this_existing_in_a_year')]
 public function postIntrospect($response, $request) {
 $authzHeader = explode(' ', (string)$request->getHeaderLine('Authorization'));
- if($authzHeader[0] !== 'Bearer' || count($authzHeader) < 2) {
+ if(strcasecmp($authzHeader[0], 'Bearer') !== 0 || count($authzHeader) < 2) {
 $response->setStatusCode(401);
 $response->setHeader('WWW-Authenticate', 'Bearer');
 return ['success' => false];
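Review bot: The Basic branch still splits the decoded credentials with an unbounded `explode(':', …)`, so a client secret that contains a colon is cut at that colon and `$clientSecret` holds only the part before it; the identical lines in the second hunk (`@@ -504,7 +504,7 @@`) have the same problem. Limiting the split keeps everything after the first colon in the secret: `$authzHeader = explode(':', base64_decode($authzHeader[1] ?? ''), 2);`. `base64_decode` is also called in its lenient mode here, so malformed credentials are decoded rather than rejected; if strict mode is adopted, its `false` return needs handling before the split. The enclosing methods start and end outside both hunks, so how `$clientId` and `$clientSecret` are verified afterwards is not visible.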
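Review bot: The guard in postIntrospect lets an empty token through, because `count($authzHeader) < 2` only checks that a second element exists and `explode(' ', …)` yields an empty one for `Bearer` followed by two spaces before the token (and for a bare trailing space, if the header line is not trimmed upstream). Testing the value itself keeps the 401 path in one place: `if(strcasecmp($authzHeader[0], 'Bearer') !== 0 || ($authzHeader[1] ?? '') === '') {`. The rest of the method is outside the hunk, so the token lookup that follows may already reject an empty string.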