Release 0.7.1
[grauphel.git] / lib / oauth.php
index 231a177..4bc46dd 100644 (file)
@@ -158,10 +158,23 @@ class OAuth
      */
     public static function getProvider()
     {
+        $params = array();
         //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'];
-        //unset($_SERVER['HTTP_AUTHORIZATION']);
 
-        $params = array();
+        //copy http auth headers for apache+php-fcgid work around
+        if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
+            $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
+        }
+
+        if (isset($_SERVER['HTTP_AUTHORIZATION'])
+            && $_SERVER['HTTP_AUTHORIZATION'] == ''
+        ) {
+            //work around bug https://bugs.php.net/bug.php?id=68168
+            //#68168: HTTP Basic auth and empty auth header reported
+            //        as "signature_method_rejected"
+            $params['oauth_signature_method'] = OAUTH_SIG_METHOD_PLAINTEXT;
+        }
+
         if (!isset($_SERVER['HTTP_AUTHORIZATION'])
             && isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
         ) {