Release 0.7.2
[grauphel.git] / lib / oauth.php
index 41af349..4bc46dd 100644 (file)
@@ -158,21 +158,23 @@ class OAuth
      */
     public static function getProvider()
     {
+        $params = array();
         //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'];
-        //unset($_SERVER['HTTP_AUTHORIZATION']);
-        if ((isset($_SERVER['HTTP_AUTHORIZATION'])
-                && strtolower(substr($_SERVER['HTTP_AUTHORIZATION'], 0, 5)) != 'oauth')
-            || (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
-                && strtolower(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 0, 5)) != 'oauth')
+
+        //copy http auth headers for apache+php-fcgid work around
+        if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
+            $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
+        }
+
+        if (isset($_SERVER['HTTP_AUTHORIZATION'])
+            && $_SERVER['HTTP_AUTHORIZATION'] == ''
         ) {
             //work around bug https://bugs.php.net/bug.php?id=68168
-            //#68168: HTTP Basic auth reported as "signature_method_rejected"
-            throw new \OAuthException(
-                'No oauth auth header', OAUTH_PARAMETER_ABSENT
-            );
+            //#68168: HTTP Basic auth and empty auth header reported
+            //        as "signature_method_rejected"
+            $params['oauth_signature_method'] = OAUTH_SIG_METHOD_PLAINTEXT;
         }
 
-        $params = array();
         if (!isset($_SERVER['HTTP_AUTHORIZATION'])
             && isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
         ) {