Add additional check for "REDIRECT_HTTP_AUTHORIZATION" [#2661080]

I am using PHP in fastCGI mode and HTTP authorization. I have added the .htaccess patch:

However, now the info is stored in $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] instead of $_SERVER['HTTP_AUTHORIZATION']

I think this is a hoster related setup for cgi environments but many people like me could run into this issue.

see for example also:

https://www.drupal.org/node/2101361
https://github.com/zendframework/zf2/issues/5873
http://www.rosmir.org/Index/Docs/archive/LabsFolder/FastCGI

and so on.

So i would suggest to add the following in "function _services_basic_auth_authenticate_call":

// PHP FastCGI doesn't support HTTP Basic Authentication out of the box so we
  // need this workaround. Requires a patch to .htaccess.
  // @see http://drupal.org/node/1864628.
  if (isset($_SERVER['HTTP_AUTHORIZATION']) AND !empty($_SERVER['HTTP_AUTHORIZATION'])) {
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)), 2);
  } elseif (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) AND !empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)), 2);
  }

Could you please add this into your module´s next release?! (And/Ord comment my suggestion and argument pro/cons) ?

Thanks!

Comment	File	Size	Author
#8	services_basic_auth-2661080-8.patch	3.84 KB	StijnStroobants
#4	services_basic_auth-2661080-4.patch	894 bytes	StijnStroobants
#3	services_basic_auth-2661080-3.patch	934 bytes	StijnStroobants

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

2 February 2016 at 11:18

drudev12 created an issue. See original summary.

Comment #2

drudev12 CreditAttribution: drudev12 commented 2 February 2016 at 11:19

Code is placed in: services_basic_auth/services_basic_auth.inc - File

Comment #3

StijnStroobants

Dutch

Leuven

CreditAttribution: StijnStroobants commented 3 March 2016 at 07:22

File	Size
services_basic_auth-2661080-3.patch	934 bytes

This is working perfectly for me!

Created a patch for this issue!

Comment #4

StijnStroobants

Dutch

Leuven

CreditAttribution: StijnStroobants commented 4 March 2016 at 06:51

File	Size
services_basic_auth-2661080-4.patch	894 bytes

There was a fault in my patch.
Fixed!

Comment #5

markpavlitski CreditAttribution: markpavlitski at Investis Digital commented 11 March 2016 at 11:37

Status:

Active

» Fixed

Thanks for the patch!

I've taken a slightly different approach in the end and allowed it to be configurable instead, rather than duplicating the checks.

You can configure this in your settings.php to specify the appropriate header name:

  $conf['services_basic_auth_fastcgi_header'] = 'REDIRECT_HTTP_AUTHORIZATION';

Comment #6

markpavlitski CreditAttribution: markpavlitski at Investis Digital commented 11 March 2016 at 11:37

Comment #7

11 March 2016 at 15:32

markpavlitski committed 2b28cd2 on 7.x-1.x

Issue #2661080 by StijnStroobants, drudev12: Allow FastCGI auth header...

Comment #8

StijnStroobants

Dutch

Leuven

CreditAttribution: StijnStroobants commented 15 March 2016 at 09:28

File	Size
services_basic_auth-2661080-8.patch	3.84 KB

I just created a settings-form under the authentication-tab of the services to change the HTTP header.

If overridden in the settings-file, the form-element will be disabled and a message will appear that it's overridden.
Like this you can use both ways to set the correct header.

I also added some t-functions etc.