Only add authenticate header if present in original request thephpleague/oauth2-server#745

Andrew Millington 2018-05-10 22:07:03 +01:00
parent bd47b58f81
commit ff5e9f57a5


@ -294,13 +294,9 @@ class OAuthServerException extends \Exception
// include the "WWW-Authenticate" response header field // include the "WWW-Authenticate" response header field
// matching the authentication scheme used by the client. // matching the authentication scheme used by the client.
// @codeCoverageIgnoreStart // @codeCoverageIgnoreStart
if ($this->errorType === 'invalid_client') { if ($this->errorType === 'invalid_client' && array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false) {
$authScheme = 'Basic'; $authScheme = strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic';
if (array_key_exists('HTTP_AUTHORIZATION', $_SERVER) !== false
&& strpos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0
) {
$authScheme = 'Bearer';
}
$headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"'; $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"';
} }
// @codeCoverageIgnoreEnd // @codeCoverageIgnoreEnd
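Review bot: The new guard on the `if` line ties the `WWW-Authenticate` challenge to `$_SERVER['HTTP_AUTHORIZATION']` being set, so where the web server does not forward the Authorization header to PHP under that key (some CGI/FastCGI setups, as far as I know), an `invalid_client` response to a client that did send credentials would now lose the challenge, whereas the old code still sent `Basic`. If that dependency is intended, state it next to the check, e.g. `// Relies on the server exposing the Authorization header as HTTP_AUTHORIZATION; otherwise no challenge is sent`. Separately, the scheme test on the next line is case-sensitive although auth scheme names are case-insensitive, so a `bearer …` header is answered with a `Basic` challenge; `$authScheme = stripos($_SERVER['HTTP_AUTHORIZATION'], 'Bearer') === 0 ? 'Bearer' : 'Basic';` would avoid that. The block sits inside `@codeCoverageIgnoreStart`/`End`, so neither branch is exercised by tests, and the enclosing method starts and ends outside this hunk.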