mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-23 05:29:52 +05:30
Merge pull request #652 from rickshawhobo/4.1.x
less restrictive on Authorization header check
This commit is contained in:
commit
084b779cc6
@ -138,7 +138,7 @@ class ResourceServer extends AbstractServer
|
|||||||
*/
|
*/
|
||||||
public function determineAccessToken($headerOnly = false)
|
public function determineAccessToken($headerOnly = false)
|
||||||
{
|
{
|
||||||
if ($this->getRequest()->headers->get('Authorization') !== null) {
|
if (!empty($this->getRequest()->headers->get('Authorization'))) {
|
||||||
$accessToken = $this->getTokenType()->determineAccessTokenInHeader($this->getRequest());
|
$accessToken = $this->getTokenType()->determineAccessTokenInHeader($this->getRequest());
|
||||||
} elseif ($headerOnly === false && (! $this->getTokenType() instanceof MAC)) {
|
} elseif ($headerOnly === false && (! $this->getTokenType() instanceof MAC)) {
|
||||||
$accessToken = ($this->getRequest()->server->get('REQUEST_METHOD') === 'GET')
|
$accessToken = ($this->getRequest()->server->get('REQUEST_METHOD') === 'GET')
|
||||||
|
Loading…
Reference in New Issue
Block a user