diff options
author | ArthurHoaro <arthur@hoa.ro> | 2020-10-03 12:59:01 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-03 12:59:01 +0200 |
commit | ee07b7283faa197fc062ed85f4f96f98e8e77b03 (patch) | |
tree | a5f87d5b472d98a2de5d578d593610297ecee3cd /application | |
parent | 1db2ebbd79bb82e9e40a7093bbf1bfc50d06b077 (diff) | |
parent | 255b2264a119f4b8cc9fe211c7740906701e15b4 (diff) | |
download | Shaarli-ee07b7283faa197fc062ed85f4f96f98e8e77b03.tar.gz Shaarli-ee07b7283faa197fc062ed85f4f96f98e8e77b03.tar.zst Shaarli-ee07b7283faa197fc062ed85f4f96f98e8e77b03.zip |
Merge pull request #1574 from stoeps13/hosting-fix
Diffstat (limited to 'application')
-rw-r--r-- | application/api/ApiMiddleware.php | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/application/api/ApiMiddleware.php b/application/api/ApiMiddleware.php index 09ce6445..f5b53b01 100644 --- a/application/api/ApiMiddleware.php +++ b/application/api/ApiMiddleware.php | |||
@@ -107,7 +107,9 @@ class ApiMiddleware | |||
107 | */ | 107 | */ |
108 | protected function checkToken($request) | 108 | protected function checkToken($request) |
109 | { | 109 | { |
110 | if (! $request->hasHeader('Authorization')) { | 110 | if (!$request->hasHeader('Authorization') |
111 | && !isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION']) | ||
112 | ) { | ||
111 | throw new ApiAuthorizationException('JWT token not provided'); | 113 | throw new ApiAuthorizationException('JWT token not provided'); |
112 | } | 114 | } |
113 | 115 | ||
@@ -115,7 +117,11 @@ class ApiMiddleware | |||
115 | throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); | 117 | throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); |
116 | } | 118 | } |
117 | 119 | ||
118 | $authorization = $request->getHeaderLine('Authorization'); | 120 | if (isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION'])) { |
121 | $authorization = $this->container->environment['REDIRECT_HTTP_AUTHORIZATION']; | ||
122 | } else { | ||
123 | $authorization = $request->getHeaderLine('Authorization'); | ||
124 | } | ||
119 | 125 | ||
120 | if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { | 126 | if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { |
121 | throw new ApiAuthorizationException('Invalid JWT header'); | 127 | throw new ApiAuthorizationException('Invalid JWT header'); |