php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-03 22:32:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix HttpAuthHeader

Browse Source
This commit is contained in:
Benoît
2018-02-20 13:45:52 +01:00
parent 313be2a5d7
commit da89225c8d
2 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
framework/CHANGELOG.md
View File

@ -4,8 +4,7 @@ Yii Framework 2 Change Log
2.0.15 under development 2.0.15 under development
------------------------ ------------------------
- no changes in this release. - Bug #15693: Fixed Fix HttpAuthHeader when no pattern is present but not matched (bboure).
2.0.14 February 18, 2018 2.0.14 February 18, 2018
------------------------ ------------------------

8
framework/filters/auth/HttpHeaderAuth.php
View File

@ -51,12 +51,16 @@ class HttpHeaderAuth extends AuthMethod
$authHeader = $request->getHeaders()->get($this->header); $authHeader = $request->getHeaders()->get($this->header);
if ($authHeader !== null) { if ($authHeader !== null) {
if ($this->pattern !== null && preg_match($this->pattern, $authHeader, $matches)) { if ($this->pattern !== null) {
if (preg_match($this->pattern, $authHeader, $matches)) {
$authHeader = $matches[1]; $authHeader = $matches[1];
} else {
return null;
} }
}
$identity = $user->loginByAccessToken($authHeader, get_class($this)); $identity = $user->loginByAccessToken($authHeader, get_class($this));
if ($identity === null) { if ($identity === null) {
$this->challenge($response);
$this->handleFailure($response); $this->handleFailure($response);
} }