From dae2e21d62aa0142dcec21246b38d757e3bc181b Mon Sep 17 00:00:00 2001
From: Drew DeVault <sir@cmpwn.com>
Date: Thu, 14 May 2020 11:22:18 -0400
Subject: [PATCH] API: swap Authentication header for Authorization

Per OAuth 2 spec
---
 api/auth/auth.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/api/auth/auth.go b/api/auth/auth.go
index 257e15a..7490d1b 100644
--- a/api/auth/auth.go
+++ b/api/auth/auth.go
@@ -69,16 +69,16 @@ func Middleware(db *sql.DB) func(http.Handler) http.Handler {
 				return
 			}
 
-			auth := r.Header.Get("Authentication")
+			auth := r.Header.Get("Authorization")
 			if auth == "" {
-				authError(w, `Authentication header is required.
-Expected 'Authentication: Bearer <token>'`, http.StatusForbidden)
+				authError(w, `Authorization header is required.
+Expected 'Authorization: Bearer <token>'`, http.StatusForbidden)
 				return
 			}
 
 			z := strings.SplitN(auth, " ", 2)
 			if len(z) != 2 {
-				authError(w, "Invalid Authentication header", http.StatusBadRequest)
+				authError(w, "Invalid Authorization header", http.StatusBadRequest)
 				return
 			}
 
@@ -95,7 +95,7 @@ Expected 'Authentication: Bearer <token>'`, http.StatusForbidden)
 			case "Internal":
 				panic(errors.New("TODO"))
 			default:
-				authError(w, "Invalid Authentication header", http.StatusBadRequest)
+				authError(w, "Invalid Authorization header", http.StatusBadRequest)
 				return
 			}
 
-- 
2.38.4