Workaround for hoster (ionos)

The hoster writes the bearer token to the environment variable
REDIRECT_HTTP_AUTHORIZATION and needs RewriteBase / to be provided in
.htaccess.
Christoph Stoettner 2020-09-29 12:15:04 +02:00
parent 6cdca9562c
commit 676571dab9
2 changed files with 10 additions and 2 deletions


@ -10,8 +10,12 @@ RewriteRule ^(.git|doxygen|vendor) - [F]
# fixes JWT token not correctly forwarded on some Apache/FastCGI setups
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
# Alternative (if the 2 lines above don't work)
# SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
# REST API
# Ionos Hosting needs RewriteBase /
# RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]


@ -107,7 +107,7 @@ class ApiMiddleware
*/
protected function checkToken($request)
{
if (! $request->hasHeader('Authorization')) {
if (! $request->hasHeader('Authorization') && !isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
throw new ApiAuthorizationException('JWT token not provided');
}
@ -115,7 +115,11 @@ class ApiMiddleware
throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration');
}
$authorization = $request->getHeaderLine('Authorization');
if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
$authorization = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
} else {
$authorization = $request->getHeaderLine('Authorization');
}
if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) {
throw new ApiAuthorizationException('Invalid JWT header');
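Review bot: In `checkToken`, `isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])` is true for an empty string, and whenever the variable is set it overrides the `Authorization` header carried by the request object, in both the presence guard and the assignment. The rewrite condition shown earlier on this page, `RewriteCond %{HTTP:Authorization} ^(.*)`, also matches an empty value, so on some setups the variable may exist with no token on every rewritten request; the 'JWT token not provided' branch is then skipped and the request is rejected only at the `Bearer` match. That still fails closed, but the credential source becomes ambiguous when both values are present and differ. Prefer the header and fall back only to a non-empty variable, e.g. `$authorization = $request->getHeaderLine('Authorization') ?: ($_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ?? '');`, and have the first guard test `empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])` instead of `!isset(...)`. The function starts before and continues after the shown hunks, so the later token validation is not visible here.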