Workaround for hoster (ionos)

The hoster passes the bearer token in the environment variable
REDIRECT_HTTP_AUTHORIZATION and needs RewriteBase / to be set in
.htaccess
Christoph Stoettner 2020-09-29 12:15:04 +02:00
parent 6cdca9562c
commit 676571dab9
2 changed files with 10 additions and 2 deletions


@ -10,8 +10,12 @@ RewriteRule ^(.git|doxygen|vendor) - [F]
# fixes JWT token not correctly forwarded on some Apache/FastCGI setups # fixes JWT token not correctly forwarded on some Apache/FastCGI setups
RewriteCond %{HTTP:Authorization} ^(.*) RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
# Alternative (if the 2 lines above don't work)
# SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
# REST API # REST API
# Ionos Hosting needs RewriteBase /
# RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L] RewriteRule ^ index.php [QSA,L]


@ -107,7 +107,7 @@ protected function checkRequest($request)
*/ */
protected function checkToken($request) protected function checkToken($request)
{ {
if (! $request->hasHeader('Authorization')) { if (! $request->hasHeader('Authorization') && !isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
throw new ApiAuthorizationException('JWT token not provided'); throw new ApiAuthorizationException('JWT token not provided');
} }
@ -115,7 +115,11 @@ protected function checkToken($request)
throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration'); throw new ApiAuthorizationException('Token secret must be set in Shaarli\'s administration');
} }
$authorization = $request->getHeaderLine('Authorization'); if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
$authorization = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
} else {
$authorization = $request->getHeaderLine('Authorization');
}
if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) { if (! preg_match('/^Bearer (.*)/i', $authorization, $matches)) {
throw new ApiAuthorizationException('Invalid JWT header'); throw new ApiAuthorizationException('Invalid JWT header');
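Review bot: In checkToken, `isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])` is also true for an empty string, and the branch added in the second hunk then takes that server variable in preference to the header the request object parsed. If the rewrite rule sets the variable even when no Authorization header was sent (its `^(.*)` condition looks like it matches an empty value, though that depends on the Apache setup), a request without a token skips 'JWT token not provided' and is rejected later with 'Invalid JWT header' instead. I would read the header first and fall back only on a non-empty value: `$authorization = $request->getHeaderLine('Authorization');` followed by `if ($authorization === '' && !empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) { $authorization = $_SERVER['REDIRECT_HTTP_AUTHORIZATION']; }`, and have the first guard test the same combined condition. Reading the superglobal directly also bypasses the request abstraction, so a one-line comment naming the hosting setup that needs it would help the next maintainer; checkToken's body continues past the end of this hunk.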