Workaround for hoster (ionos)
authorChristoph Stoettner <christoph.stoettner@stoeps.de>
Tue, 29 Sep 2020 10:15:04 +0000 (12:15 +0200)
committerChristoph Stoettner <christoph.stoettner@stoeps.de>
Tue, 29 Sep 2020 10:15:04 +0000 (12:15 +0200)
The hoster passes the bearer token in the REDIRECT_HTTP_AUTHORIZATION
environment variable and needs RewriteBase / to be set in
.htaccess

.htaccess
application/api/ApiMiddleware.php

index af2dc5a7ff24a244d731a5d2382dc496f62d1eda..25fcfb034ee3e1bf1149eafdfccc5b9d27803fe2 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -10,8 +10,12 @@ RewriteRule ^(.git|doxygen|vendor) - [F]
 # fixes JWT token not correctly forwarded on some Apache/FastCGI setups
 RewriteCond %{HTTP:Authorization} ^(.*)
 RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+# Alternative (if the 2 lines above don't work)
+# SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
 
 # REST API
+# Ionos Hosting needs RewriteBase /
+# RewriteBase /
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
index 09ce6445303bf5f9280e033c6004bf5e56f725c9..da730e0c48e739fbb382e86f86dbb15f4e9287e8 100644 (file)
@@ -107,7 +107,7 @@ class ApiMiddleware
      */
     protected function checkToken($request)
     {
-        if (! $request->hasHeader('Authorization')) {
+        if (! $request->hasHeader('Authorization') && !isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
             throw new ApiAuthorizationException('JWT token not provided');
         }
 
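Review bot: `isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])` in the new guard is also true for an empty string, so a request without a token may skip the 'JWT token not provided' branch. The .htaccess rule that feeds this variable uses the condition `^(.*)`, which presumably also matches an absent header and would leave the variable set but empty. Such a request is still rejected by the Bearer pattern check later in the method, so this fails closed, only with a misleading error; `empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])` in place of `!isset(...)` keeps the two messages accurate. The same `isset()` test is repeated in the next hunk where the value is read, and checkToken's body continues outside this hunk.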
@@ -115,7 +115,11 @@ class ApiMiddleware
             throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration');
         }
 
-        $authorization = $request->getHeaderLine('Authorization');
+       if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
+           $authorization = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
+       } else {
+            $authorization = $request->getHeaderLine('Authorization');
+       }
 
         if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) {
             throw new ApiAuthorizationException('Invalid JWT header');
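Review bot: The new branch lets `$_SERVER['REDIRECT_HTTP_AUTHORIZATION']` override the request's own `Authorization` header whenever the variable is set, which reverses the order used in the presence check at the top of checkToken, and it reads the superglobal directly, so the method can no longer be exercised with a request object alone. Preferring the header and falling back to the server variable leaves hosts that forward the header correctly unaffected: `$authorization = $request->hasHeader('Authorization') ? $request->getHeaderLine('Authorization') : ($_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ?? '');`. The added lines are also indented with seven spaces where the surrounding code uses eight. The method's docblock, which starts outside the hunk, should mention that the token may come from this server variable on hosts that do not forward the header.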