Authorization header should only be rebuild when Basic Auth scheme is used

2012-06-11 15:58:15 +02:00 · 2012-06-11 15:58:15 +02:00 · 5d88255d4e
commit 5d88255d4e
parent 27100ba4eb
2 changed files with 12 additions and 2 deletions
--- a/src/Symfony/Component/HttpFoundation/ServerBag.php
+++ b/src/Symfony/Component/HttpFoundation/ServerBag.php
@ -56,8 +56,8 @@ class ServerBag extends ParameterBag
                $authorizationHeader = $this->parameters['REDIRECT_HTTP_AUTHORIZATION'];
            }

-            // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW
-            if (null !== $authorizationHeader) {
+            // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
+            if ((null !== $authorizationHeader) && (0 === stripos($authorizationHeader, 'basic'))) {
                $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)));
                if (count($exploded) == 2) {
                    list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;
--- a/tests/Symfony/Tests/Component/HttpFoundation/ServerBagTest.php
+++ b/tests/Symfony/Tests/Component/HttpFoundation/ServerBagTest.php
@ -88,4 +88,14 @@ class ServerBagTest extends \PHPUnit_Framework_TestCase
            'PHP_AUTH_PW' => ''
        ), $bag->getHeaders());
    }
+
+    public function testOAuthBearerAuth()
+    {
+        $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
+        $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $headerContent));
+
+        $this->assertEquals(array(
+            'AUTHORIZATION' => $headerContent,
+        ), $bag->getHeaders());
+    }
 }