"Bearer" authorization token prefix is misspelled in IssuanceAccessToken - Githubissues

eu-digital-identity-wallet / eudi-lib-ios-openid4vci-swift

Implementation of OpenID for Verifiable Credential Issuance protocol (wallet's role) in Swift

Apache License 2.0

6 stars 7 forks source link

"Bearer" authorization token prefix is misspelled in IssuanceAccessToken #52

Closed srosenda closed 1 month ago

srosenda commented 1 month ago

The prefix should be spelled exactly as "Bearer", not "BEARER" as in https://github.com/eu-digital-identity-wallet/eudi-lib-ios-openid4vci-swift/blob/ac62cca1b0245ba472cc027bc98b4224033236c8/Sources/Entities/IssuanceAccessToken.swift#L54-L72

See https://datatracker.ietf.org/doc/html/rfc6750#section-2.1. Fix available in PR #51.

srosenda commented 1 month ago

Note that OAuth implementations should in fact accept the authentication scheme "Bearer" spelled with any mix of lower- and uppercase characters. See https://github.com/openid/OpenID4VCI/issues/371#issuecomment-2272968034 and discussion linked to it.