From 53ebfda33ea6a0262c3cf49fce96b6b091182bba Mon Sep 17 00:00:00 2001 From: Jakub Zalas Date: Thu, 21 Jan 2016 15:41:38 +0000 Subject: [PATCH] [HttpFoundation] Do not overwrite the Authorization header if it is already set --- .../Component/HttpFoundation/ServerBag.php | 4 ++++ .../HttpFoundation/Tests/ServerBagTest.php | 15 +++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/src/Symfony/Component/HttpFoundation/ServerBag.php b/src/Symfony/Component/HttpFoundation/ServerBag.php index fa1cb2fc9f..0d38c08ac0 100644 --- a/src/Symfony/Component/HttpFoundation/ServerBag.php +++ b/src/Symfony/Component/HttpFoundation/ServerBag.php @@ -86,6 +86,10 @@ class ServerBag extends ParameterBag } } + if (isset($headers['AUTHORIZATION'])) { + return $headers; + } + // PHP_AUTH_USER/PHP_AUTH_PW if (isset($headers['PHP_AUTH_USER'])) { $headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']); diff --git a/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php b/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php index 20773c4d7a..41e44e1005 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php @@ -151,4 +151,19 @@ class ServerBagTest extends \PHPUnit_Framework_TestCase 'AUTHORIZATION' => $headerContent, ), $bag->getHeaders()); } + + /** + * @see https://github.com/symfony/symfony/issues/17345 + */ + public function testItDoesNotOverwriteTheAuthorizationHeaderIfItIsAlreadySet() + { + $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo'; + $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo', 'HTTP_AUTHORIZATION' => $headerContent)); + + $this->assertEquals(array( + 'AUTHORIZATION' => $headerContent, + 'PHP_AUTH_USER' => 'foo', + 'PHP_AUTH_PW' => '', + ), $bag->getHeaders()); + } }