Merge pull request #12719 from annando/andstatus
Fetch data from basic auth when one of the parameters is missing
This commit is contained in:
commit
d7f8b77e1d
1 changed files with 1 additions and 1 deletions
|
@ -60,7 +60,7 @@ class Token extends BaseApi
|
||||||
$authorization = $_SERVER['REDIRECT_REMOTE_USER'] ?? '';
|
$authorization = $_SERVER['REDIRECT_REMOTE_USER'] ?? '';
|
||||||
}
|
}
|
||||||
|
|
||||||
if (empty($request['client_id']) && substr($authorization, 0, 6) == 'Basic ') {
|
if ((empty($request['client_id']) || empty($request['client_secret'])) && substr($authorization, 0, 6) == 'Basic ') {
|
||||||
// Per RFC2617, usernames can't contain a colon but password can,
|
// Per RFC2617, usernames can't contain a colon but password can,
|
||||||
// so we cut on the first colon to obtain the username and the password
|
// so we cut on the first colon to obtain the username and the password
|
||||||
// @see https://www.rfc-editor.org/rfc/rfc2617#section-2
|
// @see https://www.rfc-editor.org/rfc/rfc2617#section-2
|
||||||
|
|
Loading…
Reference in a new issue