edenleung / think-jwt

src/Handle/Header.php

<?php

declare(strict_types=1);

namespace xiaodi\JWTAuth\Handle;

class Header extends RequestToken
{
    public function handle()
    {
        $authorization = $this->app->request->header('authorization');

        if (!$authorization || strpos($authorization, 'Bearer ') !== 0) {

It seems like $authorization can also be of type array; however, parameter $haystack of strpos() does only seem to accept string, maybe add an additional type check?

            return;
        }

        return substr($authorization, 7);

It seems like $authorization can also be of type array; however, parameter $string of substr() does only seem to accept string, maybe add an additional type check?

    }
}