Authorization header token types should be handled case insensitive

[FrittenKeeZ]

We just ran into an issue using Laravel Passport where a 3rd party was sending Authorization: bearer <...> instead of Authorization: Bearer <...> which is rejected due to checks being done case sensitively.

According to https://auth0.com/blog/the-bearer-token-case/ and it's numerous sources the token types should be handled case insensitively.

[Sephster]

Thanks for reporting this. I'll get a fix out shortly