diff options
Diffstat (limited to 'application/api/ApiMiddleware.php')
| -rw-r--r-- | application/api/ApiMiddleware.php | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/application/api/ApiMiddleware.php b/application/api/ApiMiddleware.php index 4745ac94..adc8b266 100644 --- a/application/api/ApiMiddleware.php +++ b/application/api/ApiMiddleware.php | |||
| @@ -1,6 +1,7 @@ | |||
| 1 | <?php | 1 | <?php |
| 2 | namespace Shaarli\Api; | 2 | namespace Shaarli\Api; |
| 3 | 3 | ||
| 4 | use malkusch\lock\mutex\FlockMutex; | ||
| 4 | use Shaarli\Api\Exceptions\ApiAuthorizationException; | 5 | use Shaarli\Api\Exceptions\ApiAuthorizationException; |
| 5 | use Shaarli\Api\Exceptions\ApiException; | 6 | use Shaarli\Api\Exceptions\ApiException; |
| 6 | use Shaarli\Bookmark\BookmarkFileService; | 7 | use Shaarli\Bookmark\BookmarkFileService; |
| @@ -71,7 +72,14 @@ class ApiMiddleware | |||
| 71 | $response = $e->getApiResponse(); | 72 | $response = $e->getApiResponse(); |
| 72 | } | 73 | } |
| 73 | 74 | ||
| 74 | return $response; | 75 | return $response |
| 76 | ->withHeader('Access-Control-Allow-Origin', '*') | ||
| 77 | ->withHeader( | ||
| 78 | 'Access-Control-Allow-Headers', | ||
| 79 | 'X-Requested-With, Content-Type, Accept, Origin, Authorization' | ||
| 80 | ) | ||
| 81 | ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS') | ||
| 82 | ; | ||
| 75 | } | 83 | } |
| 76 | 84 | ||
| 77 | /** | 85 | /** |
| @@ -100,7 +108,9 @@ class ApiMiddleware | |||
| 100 | */ | 108 | */ |
| 101 | protected function checkToken($request) | 109 | protected function checkToken($request) |
| 102 | { | 110 | { |
| 103 | if (! $request->hasHeader('Authorization')) { | 111 | if (!$request->hasHeader('Authorization') |
| 112 | && !isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION']) | ||
| 113 | ) { | ||
| 104 | throw new ApiAuthorizationException('JWT token not provided'); | 114 | throw new ApiAuthorizationException('JWT token not provided'); |
| 105 | } | 115 | } |
| 106 | 116 | ||
| @@ -108,7 +118,11 @@ class ApiMiddleware | |||
| 108 | throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); | 118 | throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); |
| 109 | } | 119 | } |
| 110 | 120 | ||
| 111 | $authorization = $request->getHeaderLine('Authorization'); | 121 | if (isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION'])) { |
| 122 | $authorization = $this->container->environment['REDIRECT_HTTP_AUTHORIZATION']; | ||
| 123 | } else { | ||
| 124 | $authorization = $request->getHeaderLine('Authorization'); | ||
| 125 | } | ||
| 112 | 126 | ||
| 113 | if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { | 127 | if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { |
| 114 | throw new ApiAuthorizationException('Invalid JWT header'); | 128 | throw new ApiAuthorizationException('Invalid JWT header'); |
| @@ -130,6 +144,7 @@ class ApiMiddleware | |||
| 130 | $linkDb = new BookmarkFileService( | 144 | $linkDb = new BookmarkFileService( |
| 131 | $conf, | 145 | $conf, |
| 132 | $this->container->get('history'), | 146 | $this->container->get('history'), |
| 147 | new FlockMutex(fopen(SHAARLI_MUTEX_FILE, 'r'), 2), | ||
| 133 | true | 148 | true |
| 134 | ); | 149 | ); |
| 135 | $this->container['db'] = $linkDb; | 150 | $this->container['db'] = $linkDb; |