X-Git-Url: https://git.cweiske.de/anoweco.git/blobdiff_plain/a7ff94c0836165a2128bfc0f9402fdfb41eed1e2..fd760dceff0278836fd05fd4bd314218dc33db34:/www/token.php

diff --git a/www/token.php b/www/token.php
index be9a264..667fc7b 100644
--- a/www/token.php
+++ b/www/token.php
@@ -39,10 +39,15 @@ function getOptionalParameter($givenParams, $paramName, $default)
 
 if ($_SERVER['REQUEST_METHOD'] == 'GET') {
     //verify token
-    if (!isset($_SERVER['HTTP_AUTHORIZATION'])) {
+    if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
+        $auth = $_SERVER['HTTP_AUTHORIZATION'];
+    } else if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
+        //php-cgi has it there
+        $auth = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
+    } else {
         error('Authorization HTTP header missing');
     }
-    list($bearer, $token) = explode(' ', $_SERVER['HTTP_AUTHORIZATION'], 2);
+    list($bearer, $token) = explode(' ', $auth, 2);
     if ($bearer !== 'Bearer') {
         error('Authorization header must start with "Bearer"');
     }