authorramon <ramongomez@us.es>2017-11-08 11:58:15 +0000
committerramon <ramongomez@us.es>2017-11-08 11:58:15 +0000
commit41c430a39d97215f81cb82032b6402a6473e7d03 (patch)
tree093d1e0f95649389cc0a869ec8a6547346d60661 /admin/WebConsole/rest
parent78fc82cf7536dae76e1c3263bfb9e398ee7bbf88 (diff)
#810: Soportar obtención de cabeceras sin usar Apache y reducir el código.
git-svn-id: https://opengnsys.es/svn/branches/version1.1@5501 a21b9725-9963-47de-94b9-378ad31fedc9
Diffstat (limited to 'admin/WebConsole/rest')
-rw-r--r--admin/WebConsole/rest/repository.php32
1 files changed, 11 insertions, 21 deletions
diff --git a/admin/WebConsole/rest/repository.php b/admin/WebConsole/rest/repository.php
index 24372d4c..6e2a3f03 100644
--- a/admin/WebConsole/rest/repository.php
+++ b/admin/WebConsole/rest/repository.php
@@ -19,28 +19,16 @@ function validateRepositoryApiKey() {
$response = array();
$app = \Slim\Slim::getInstance();
- // Read Authorization HTTP header.
- $headers = apache_request_headers();
- if (! empty($headers['Authorization'])) {
- // Assign user id. that match this key to global variable.
- $apikey = htmlspecialchars($headers['Authorization']);
- // El repositorio recupera el token desde el fichero de configuracion ogAdmRepo.cfg
- $confFile = fopen("../../etc/ogAdmRepo.cfg", "r");
-
- // Leemos cada linea hasta encontrar la clave "ApiToken"
+ // Assign user id. that match this key to global variable.
+ @$apikey = htmlspecialchars(function_exists('apache_request_headers') ? apache_request_headers()['Authorization'] : $_SERVER['HTTP_AUTHORIZATION']);
+ if (isset($apikey)) {
+ // fetch repository token from ogAdmRepo.cfg configuration file.
+ @$confFile = parse_ini_file('../../etc/ogAdmRepo.cfg', 'r');
if ($confFile) {
- $found = false;
- while(!feof($confFile)){
- $line = fgets($confFile);
- $key = strtok($line,"=");
- if($key == "ApiToken"){
- $token = trim(strtok("="));
- if(strcmp($apikey,$token) == 0){
- $found = true;
- }
- }
- }
- if (!$found){
+ if(@strcmp($apikey, $confFile['ApiToken']) == 0) {
+ // Credentials OK.
+ return true;
+ } else {
// Credentials error.
$response['message'] = 'Login failed. Incorrect credentials';
jsonResponse(401, $response);
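Review bot: `isset($apikey)` on the added line is always true, because `htmlspecialchars()` returns a string even when no Authorization header was sent, so the "Missing Repository API key" branch in the next hunk can no longer be reached and an empty key goes on to the comparison. There `@strcmp($apikey, $confFile['ApiToken']) == 0` also holds when `ApiToken` is absent or empty in ogAdmRepo.cfg, since the suppressed notice leaves a null operand that compares equal to the empty string, so a misconfigured repository would accept requests that carry no key. I would read the header into a variable first, reject an empty value, require a non-empty configured token and compare with `hash_equals()` (PHP 5.6 or later, which I am assuming is available here) instead of a loose `strcmp` test; the sketch below compares the raw header value, so `htmlspecialchars()` is dropped from it. validateRepositoryApiKey() starts before this hunk and continues after it.

```php
// Read the Authorization header explicitly instead of suppressing notices.
$headers = function_exists('apache_request_headers') ? apache_request_headers() : array();
$apikey = isset($headers['Authorization'])
    ? $headers['Authorization']
    : (isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : '');
if ($apikey !== '') {
    // … unchanged: parse_ini_file() call and if ($confFile) …
        // Fail closed on a missing or empty configured token; constant-time compare.
        if (!empty($confFile['ApiToken']) && is_string($confFile['ApiToken'])
                && hash_equals($confFile['ApiToken'], $apikey)) {
            // Credentials OK.
            return true;
        } else {
            // … unchanged: 401 response …
```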
@@ -50,11 +38,13 @@ function validateRepositoryApiKey() {
// Cannot access configuration file.
$response['message'] = "An error occurred, please try again";
jsonResponse(500, $response);
+ $app->stop();
}
} else {
// Error: missing API key.
$response['message'] = 'Missing Repository API key';
jsonResponse(400, $response);
+ $app->stop();
}
}