Return JSON responses in auth, token and micropub API
authorChristian Weiske <cweiske@cweiske.de>
Mon, 23 Apr 2018 14:25:04 +0000 (16:25 +0200)
committerChristian Weiske <cweiske@cweiske.de>
Mon, 23 Apr 2018 14:25:45 +0000 (16:25 +0200)
The IndieAuth spec wants that now.
Previously, it allowed both x-www-form-urlencoded and application/json.
Now this is not true anymore, because aaronpk wanted IndieAuth to be
"a proper OAuth2 extension".

Resolves: https://github.com/cweiske/anoweco/issues/9

www/auth.php
www/micropub.php
www/token.php

index 22e3de9f0195375b6425083b2575ac94a958b97c..d47642c97bab9d95416044a80a89fcef6d9f693c 100644 (file)
@@ -146,8 +146,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') {
             error('Invalid signature');
         }
         header('HTTP/1.0 200 OK');
-        header('Content-type: application/x-www-form-urlencoded');
-        echo http_build_query(['me' => $me]);
+        header('Content-type: application/json');
+        echo json_encode(['me' => $me]);
         exit();
     }
 } else if ($_SERVER['REQUEST_METHOD'] == 'HEAD') {
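Review bot: `json_encode()` returns `false` when it cannot encode its input (for example a `$me` that is not valid UTF-8), and the new `echo json_encode(['me' => $me]);` would then send an empty body after `200 OK` has already been set. Encoding first and checking the result before the headers go out, e.g. `$json = json_encode(['me' => $me]); if ($json === false) { error('Could not encode response'); }`, turns that into an explicit error instead of an empty success response. The same applies to the two `echo json_encode(` calls in www/token.php, using whatever error path that file has. The enclosing branch starts and ends outside this hunk.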
index 3cbfbe87da22524bbc093f7b18edc18386d7fc55..ab6af864ff1fef631fc45db57db5e130414c0133 100644 (file)
@@ -35,7 +35,8 @@ function validateToken($token)
         array(
             'http' => array(
                 'header' => array(
-                    'Authorization: Bearer ' . $token
+                    'Authorization: Bearer ' . $token,
+                    'Accept: application/json',
                 ),
                 'ignore_errors' => true,
             ),
@@ -52,10 +53,10 @@ function validateToken($token)
         );
     }
 
-    parse_str($res, $data);
+    $data = json_decode($res, true);
     //FIXME: they spit out non-micropub json error responess
-    verifyUrlParameter($data, 'me');
-    verifyUrlParameter($data, 'client_id');
+    verifyParameter($data, 'me');
+    verifyParameter($data, 'client_id');
     verifyParameter($data, 'scope');
 
     return [$data['me'], $data['client_id'], $data['scope']];
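Review bot: `json_decode($res, true)` returns `null` for a body that is not valid JSON and a scalar for a body such as `"x"`, and that value is passed straight to `verifyParameter($data, 'me')`; the FIXME on the next line already notes that endpoints send differently shaped error bodies. An explicit `if (!is_array($data))` rejection right after the decode would make the failure explicit rather than dependent on how `verifyParameter` (defined outside this hunk) treats non-arrays. Separately, `me` and `client_id` moved from `verifyUrlParameter` to `verifyParameter`; if the former also checked URL syntax, that check on values supplied by a remote token endpoint is now gone, and it may be worth keeping because `me` is returned to the caller as the identity. The body of validateToken starts outside the hunk.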
index e7d9e9f60c0c726e85cefc7ddf374495bbbb77e6..67d6bb19fde0aa3c1f26c643bd2658e42d01cbfb 100644 (file)
@@ -79,8 +79,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') {
     }
 
     header('HTTP/1.0 200 OK');
-    header('Content-type: application/x-www-form-urlencoded');
-    echo http_build_query(
+    header('Content-type: application/json');
+    echo json_encode(
         array(
             'me'        => $me,
             'client_id' => $client_id,
@@ -127,10 +127,11 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') {
         )
     );
     header('HTTP/1.0 200 OK');
-    header('Content-type: application/x-www-form-urlencoded');
-    echo http_build_query(
+    header('Content-type: application/json');
+    echo json_encode(
         array(
             'access_token' => $access_token,
+            'token_type' => 'Bearer',
             'me' => $me,
             'scope' => $scope
         )
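Review bot: The response carrying `access_token` sets only the status line and `Content-type` in the lines visible here, while RFC 6749 section 5.1 requires token responses to be sent with `Cache-Control: no-store` and `Pragma: no-cache` so that caches do not retain the bearer token. If these are not set elsewhere in www/token.php, add `header('Cache-Control: no-store');` and `header('Pragma: no-cache');` next to the `Content-type` header. This fits the commit's stated goal of behaving like a proper OAuth2 extension. The enclosing branch begins before this hunk.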