Merge branch 'master' into testing

[quix0rs-gnu-social.git] / lib / apiauth.php

diff --git a/lib/apiauth.php b/lib/apiauth.php
index f63c84d8f38d768e950c6b65b3b0361bbe45b989..e78de618ee2a4eb1713278d2592a54efd828c127 100644 (file)
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -241,7 +241,7 @@ class ApiAuthAction extends ApiAction
             $realm = common_config('site', 'name') . ' API';
         }
 
-        if (!isset($this->auth_user_nickname) && $required) {
+        if (empty($this->auth_user_nickname) && $required) {
             header('WWW-Authenticate: Basic realm="' . $realm . '"');
 
             // show error if the user clicks 'cancel'
@@ -267,7 +267,7 @@ class ApiAuthAction extends ApiAction
 
             $this->access = self::READ_WRITE;
 
-            if (empty($this->auth_user) && $required) {
+            if (empty($this->auth_user) && ($required || isset($_SERVER['PHP_AUTH_USER']))) {
 
                 // basic authentication failed
 
@@ -294,11 +294,15 @@ class ApiAuthAction extends ApiAction
 
     function basicAuthProcessHeader()
     {
-        if (isset($_SERVER['AUTHORIZATION'])
-            || isset($_SERVER['HTTP_AUTHORIZATION'])
-            ) {
-            $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])
-              ? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION'];
+        $authHeaders = array('AUTHORIZATION',
+                             'HTTP_AUTHORIZATION',
+                             'REDIRECT_HTTP_AUTHORIZATION'); // rewrite for CGI
+        $authorization_header = null;
+        foreach ($authHeaders as $header) {
+            if (isset($_SERVER[$header])) {
+                $authorization_header = $_SERVER[$header];
+                break;
+            }
         }
 
         if (isset($_SERVER['PHP_AUTH_USER'])) {