diff options
author | zotlabs <mike@macgirvin.com> | 2017-12-07 18:56:26 -0800 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-12-07 18:56:26 -0800 |
commit | 85b7c90637b03d4f3093f6a3557d807dbd6dd8b3 (patch) | |
tree | 441f9202a951c132de9a878cd490a43b374cba3c /include/api_auth.php | |
parent | e9ae51cfbca4ca4c2a5e9a2c452031e31985d093 (diff) | |
download | volse-hubzilla-85b7c90637b03d4f3093f6a3557d807dbd6dd8b3.tar.gz volse-hubzilla-85b7c90637b03d4f3093f6a3557d807dbd6dd8b3.tar.bz2 volse-hubzilla-85b7c90637b03d4f3093f6a3557d807dbd6dd8b3.zip |
strip acct: from OWA auth to API endpoints
Diffstat (limited to 'include/api_auth.php')
-rw-r--r-- | include/api_auth.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/api_auth.php b/include/api_auth.php index 0818fa54b..5c0bcb317 100644 --- a/include/api_auth.php +++ b/include/api_auth.php @@ -52,6 +52,7 @@ function api_login(&$a){ /* Signature authentication */ if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') { + if($head !== 'HTTP_AUTHORIZATION') { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head]; continue; @@ -59,7 +60,7 @@ function api_login(&$a){ $sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]); if($sigblock) { - $keyId = $sigblock['keyId']; + $keyId = str_replace('acct:','',$sigblock['keyId']); if($keyId) { $r = q("select * from hubloc where hubloc_addr = '%s' limit 1", dbesc($keyId) |