aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2020-10-03 12:59:01 +0200
committerGitHub <noreply@github.com>2020-10-03 12:59:01 +0200
commitee07b7283faa197fc062ed85f4f96f98e8e77b03 (patch)
treea5f87d5b472d98a2de5d578d593610297ecee3cd /application
parent1db2ebbd79bb82e9e40a7093bbf1bfc50d06b077 (diff)
parent255b2264a119f4b8cc9fe211c7740906701e15b4 (diff)
downloadShaarli-ee07b7283faa197fc062ed85f4f96f98e8e77b03.tar.gz
Shaarli-ee07b7283faa197fc062ed85f4f96f98e8e77b03.tar.zst
Shaarli-ee07b7283faa197fc062ed85f4f96f98e8e77b03.zip
Merge pull request #1574 from stoeps13/hosting-fix
Diffstat (limited to 'application')
-rw-r--r--application/api/ApiMiddleware.php10
1 files changed, 8 insertions, 2 deletions
diff --git a/application/api/ApiMiddleware.php b/application/api/ApiMiddleware.php
index 09ce6445..f5b53b01 100644
--- a/application/api/ApiMiddleware.php
+++ b/application/api/ApiMiddleware.php
@@ -107,7 +107,9 @@ class ApiMiddleware
107 */ 107 */
108 protected function checkToken($request) 108 protected function checkToken($request)
109 { 109 {
110 if (! $request->hasHeader('Authorization')) { 110 if (!$request->hasHeader('Authorization')
111 && !isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION'])
112 ) {
111 throw new ApiAuthorizationException('JWT token not provided'); 113 throw new ApiAuthorizationException('JWT token not provided');
112 } 114 }
113 115
@@ -115,7 +117,11 @@ class ApiMiddleware
115 throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); 117 throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration');
116 } 118 }
117 119
118 $authorization = $request->getHeaderLine('Authorization'); 120 if (isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION'])) {
121 $authorization = $this->container->environment['REDIRECT_HTTP_AUTHORIZATION'];
122 } else {
123 $authorization = $request->getHeaderLine('Authorization');
124 }
119 125
120 if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { 126 if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) {
121 throw new ApiAuthorizationException('Invalid JWT header'); 127 throw new ApiAuthorizationException('Invalid JWT header');