Fix #20 and #25: Add authorization header workaround for fcgid
authorChristian Weiske <cweiske@cweiske.de>
Sun, 20 Sep 2015 17:46:07 +0000 (19:46 +0200)
committerChristian Weiske <cweiske@cweiske.de>
Sun, 20 Sep 2015 17:46:07 +0000 (19:46 +0200)
Apparently the "Authorization" header are passed into PHP as
HTTP_XAUTHORIZATION instead of HTTP_AUTHORIZATION.

lib/oauth.php

index 4a652fc..4bc46dd 100644 (file)
@@ -161,6 +161,11 @@ class OAuth
         $params = array();
         //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'];
 
         $params = array();
         //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'];
 
+        //copy http auth headers for apache+php-fcgid work around
+        if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
+            $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
+        }
+
         if (isset($_SERVER['HTTP_AUTHORIZATION'])
             && $_SERVER['HTTP_AUTHORIZATION'] == ''
         ) {
         if (isset($_SERVER['HTTP_AUTHORIZATION'])
             && $_SERVER['HTTP_AUTHORIZATION'] == ''
         ) {