git.cweiske.de / grauphel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 9b69209)
Fix bug #10: OAuth does not work on ovh.com server
authorChristian Weiske <cweiske@cweiske.de>
Wed, 8 Oct 2014 19:24:35 +0000 (21:24 +0200)
committerChristian Weiske <cweiske@cweiske.de>
Wed, 8 Oct 2014 19:24:35 +0000 (21:24 +0200)
This ovh.com server always has $_SERVER['HTTP_AUTHORIZATION'] set.
By default it has an empty string as value, and this breaks the PHP
OAuth extension - see https://bugs.php.net/bug.php?id=68168

We work around that by forcing the signature method in this special case,
so that no exception is thrown.

Thanks to Julien Daviaud for giving me access to his server for debugging.

lib/oauth.php patch | blob | history

diff --git a/lib/oauth.php b/lib/oauth.php
index 9fea742962213cd64bd13b3db6d1774f6dbf765f..4a652fc507a462d4606f0213c04f28a64bc0c3d0 100644 (file)
--- a/lib/oauth.php
+++ b/lib/oauth.php
@@ -158,23 +158,18 @@ class OAuth
      */
     public static function getProvider()
     {
+        $params = array();
         //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'];
-        //unset($_SERVER['HTTP_AUTHORIZATION']);
-        if ((isset($_SERVER['HTTP_AUTHORIZATION'])
-                && strlen($_SERVER['HTTP_AUTHORIZATION'])
-                && strtolower(substr($_SERVER['HTTP_AUTHORIZATION'], 0, 5)) != 'oauth')
-            || (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
-                && strlen($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
-                && strtolower(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 0, 5)) != 'oauth')
+
+        if (isset($_SERVER['HTTP_AUTHORIZATION'])
+            && $_SERVER['HTTP_AUTHORIZATION'] == ''
         ) {
             //work around bug https://bugs.php.net/bug.php?id=68168
-            //#68168: HTTP Basic auth reported as "signature_method_rejected"
-            throw new \OAuthException(
-                'No oauth auth header', OAUTH_PARAMETER_ABSENT
-            );
+            //#68168: HTTP Basic auth and empty auth header reported
+            //        as "signature_method_rejected"
+            $params['oauth_signature_method'] = OAUTH_SIG_METHOD_PLAINTEXT;
         }
 
-        $params = array();
         if (!isset($_SERVER['HTTP_AUTHORIZATION'])
             && isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
         ) {
ownCloud application implementing the Tomboy REST API for syncing notes.