aboutsummaryrefslogtreecommitdiffstats
path: root/include/api_auth.php
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-12-07 18:56:26 -0800
committerzotlabs <mike@macgirvin.com>2017-12-07 18:56:26 -0800
commit85b7c90637b03d4f3093f6a3557d807dbd6dd8b3 (patch)
tree441f9202a951c132de9a878cd490a43b374cba3c /include/api_auth.php
parente9ae51cfbca4ca4c2a5e9a2c452031e31985d093 (diff)
downloadvolse-hubzilla-85b7c90637b03d4f3093f6a3557d807dbd6dd8b3.tar.gz
volse-hubzilla-85b7c90637b03d4f3093f6a3557d807dbd6dd8b3.tar.bz2
volse-hubzilla-85b7c90637b03d4f3093f6a3557d807dbd6dd8b3.zip
strip acct: from OWA auth to API endpoints
Diffstat (limited to 'include/api_auth.php')
-rw-r--r--include/api_auth.php3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/api_auth.php b/include/api_auth.php
index 0818fa54b..5c0bcb317 100644
--- a/include/api_auth.php
+++ b/include/api_auth.php
@@ -52,6 +52,7 @@ function api_login(&$a){
/* Signature authentication */
if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') {
+
if($head !== 'HTTP_AUTHORIZATION') {
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head];
continue;
@@ -59,7 +60,7 @@ function api_login(&$a){
$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
if($sigblock) {
- $keyId = $sigblock['keyId'];
+ $keyId = str_replace('acct:','',$sigblock['keyId']);
if($keyId) {
$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
dbesc($keyId)