Handled bearer authorization header in REDIRECT_ form
Apache rewrite module renames client request header (`HTTP_`) by prepending `REDIRECT_` to it. http basic authentication and http digest authentication are properly processed in REDIRECT_ form, while bearer is processed in HTTP_ form, but dropped in REDIRECT_ form.
This commit is contained in:
parent
ce95fa8fb3
commit
7b2e2df5ec
|
@ -75,6 +75,13 @@ class ServerBag extends ParameterBag
|
|||
// In some circumstances PHP_AUTH_DIGEST needs to be set
|
||||
$headers['PHP_AUTH_DIGEST'] = $authorizationHeader;
|
||||
$this->parameters['PHP_AUTH_DIGEST'] = $authorizationHeader;
|
||||
} elseif (0 === stripos($authorizationHeader, 'bearer ')) {
|
||||
/*
|
||||
* XXX: Since there is no PHP_AUTH_BEARER in PHP predefined variables,
|
||||
* I'll just set $headers['AUTHORIZATION'] here.
|
||||
* http://php.net/manual/en/reserved.variables.server.php
|
||||
*/
|
||||
$headers['AUTHORIZATION'] = $authorizationHeader;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -141,4 +141,14 @@ class ServerBagTest extends \PHPUnit_Framework_TestCase
|
|||
'AUTHORIZATION' => $headerContent,
|
||||
), $bag->getHeaders());
|
||||
}
|
||||
|
||||
public function testOAuthBearerAuthWithRedirect()
|
||||
{
|
||||
$headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
|
||||
$bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $headerContent));
|
||||
|
||||
$this->assertEquals(array(
|
||||
'AUTHORIZATION' => $headerContent,
|
||||
), $bag->getHeaders());
|
||||
}
|
||||
}
|
||||
|
|
Reference in New Issue