From 11e7552b5b888c508ce4518d0200c953a4231227 Mon Sep 17 00:00:00 2001
From: Justin Harms <s1d3sw1ped@gmail.com>
Date: Tue, 25 Nov 2025 08:23:25 -0600
Subject: [PATCH] Refactor API key handling in runners.go to streamline
 authorization logic. Remove redundant checks for "Bearer " prefix in API key
 extraction, enhancing code clarity and maintainability.

---
 internal/api/runners.go | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/internal/api/runners.go b/internal/api/runners.go
index 48daeed..1a2b975 100644
--- a/internal/api/runners.go
+++ b/internal/api/runners.go
@@ -43,9 +43,7 @@ func (s *Server) runnerAuthMiddleware(next http.HandlerFunc) http.HandlerFunc {
 		}
 
 		// Remove "Bearer " prefix if present
-		if strings.HasPrefix(apiKey, "Bearer ") {
-			apiKey = strings.TrimPrefix(apiKey, "Bearer ")
-		}
+		apiKey = strings.TrimPrefix(apiKey, "Bearer ")
 
 		// Validate API key and get its ID
 		apiKeyID, _, err := s.secrets.ValidateRunnerAPIKey(apiKey)
@@ -739,9 +737,7 @@ func (s *Server) handleRunnerWebSocket(w http.ResponseWriter, r *http.Request) {
 	apiKey := r.URL.Query().Get("api_key")
 	if apiKey == "" {
 		apiKey = r.Header.Get("Authorization")
-		if strings.HasPrefix(apiKey, "Bearer ") {
-			apiKey = strings.TrimPrefix(apiKey, "Bearer ")
-		}
+		apiKey = strings.TrimPrefix(apiKey, "Bearer ")
 	}
 	if apiKey == "" {
 		s.respondError(w, http.StatusBadRequest, "API key required")
@@ -2186,4 +2182,3 @@ func (s *Server) logTaskEvent(taskID int64, runnerID *int64, logLevel types.LogL
 		StepName: stepName,
 	})
 }
-