diff options
Diffstat (limited to 'application')
| -rw-r--r-- | application/api/ApiMiddleware.php | 10 | ||||
| -rw-r--r-- | application/config/ConfigJson.php | 2 |
2 files changed, 9 insertions, 3 deletions
diff --git a/application/api/ApiMiddleware.php b/application/api/ApiMiddleware.php index 09ce6445..f5b53b01 100644 --- a/application/api/ApiMiddleware.php +++ b/application/api/ApiMiddleware.php | |||
| @@ -107,7 +107,9 @@ class ApiMiddleware | |||
| 107 | */ | 107 | */ |
| 108 | protected function checkToken($request) | 108 | protected function checkToken($request) |
| 109 | { | 109 | { |
| 110 | if (! $request->hasHeader('Authorization')) { | 110 | if (!$request->hasHeader('Authorization') |
| 111 | && !isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION']) | ||
| 112 | ) { | ||
| 111 | throw new ApiAuthorizationException('JWT token not provided'); | 113 | throw new ApiAuthorizationException('JWT token not provided'); |
| 112 | } | 114 | } |
| 113 | 115 | ||
| @@ -115,7 +117,11 @@ class ApiMiddleware | |||
| 115 | throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); | 117 | throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); |
| 116 | } | 118 | } |
| 117 | 119 | ||
| 118 | $authorization = $request->getHeaderLine('Authorization'); | 120 | if (isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION'])) { |
| 121 | $authorization = $this->container->environment['REDIRECT_HTTP_AUTHORIZATION']; | ||
| 122 | } else { | ||
| 123 | $authorization = $request->getHeaderLine('Authorization'); | ||
| 124 | } | ||
| 119 | 125 | ||
| 120 | if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { | 126 | if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { |
| 121 | throw new ApiAuthorizationException('Invalid JWT header'); | 127 | throw new ApiAuthorizationException('Invalid JWT header'); |
diff --git a/application/config/ConfigJson.php b/application/config/ConfigJson.php index 4509357c..c0c0dab9 100644 --- a/application/config/ConfigJson.php +++ b/application/config/ConfigJson.php | |||
| @@ -46,7 +46,7 @@ class ConfigJson implements ConfigIO | |||
| 46 | // JSON_PRETTY_PRINT is available from PHP 5.4. | 46 | // JSON_PRETTY_PRINT is available from PHP 5.4. |
| 47 | $print = defined('JSON_PRETTY_PRINT') ? JSON_PRETTY_PRINT : 0; | 47 | $print = defined('JSON_PRETTY_PRINT') ? JSON_PRETTY_PRINT : 0; |
| 48 | $data = self::getPhpHeaders() . json_encode($conf, $print) . self::getPhpSuffix(); | 48 | $data = self::getPhpHeaders() . json_encode($conf, $print) . self::getPhpSuffix(); |
| 49 | if (!file_put_contents($filepath, $data)) { | 49 | if (empty($filepath) || !file_put_contents($filepath, $data)) { |
| 50 | throw new \Shaarli\Exceptions\IOException( | 50 | throw new \Shaarli\Exceptions\IOException( |
| 51 | $filepath, | 51 | $filepath, |
| 52 | t('Shaarli could not create the config file. '. | 52 | t('Shaarli could not create the config file. '. |