Version bump

Merge branch 'release/3.2.2'
Conflicts: composer.json
2025-05-31 14:12:07 +05:30 · 2014-07-23 16:13:50 +01:00 · 2014-07-23 16:10:02 +01:00 · 2014-07-23 16:08:50 +01:00 · 2014-07-23 16:08:33 +01:00 · 2014-07-23 16:05:42 +01:00
5 changed files with 17 additions and 9 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog

+## 3.2.2 (released 2014-07-23)
+
+* Fix Resource server Request HTTP header access (Issue #188)
+
 ## 3.2 (released 2014-04-16)

 * Added the ability to change the algorithm that is used to generate the token strings (Issue #151)
--- a/composer.json
+++ b/composer.json
@@ -1,6 +1,7 @@
 {
 	"name": "league/oauth2-server",
 	"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.",
+	"version": "3.2.3",
 	"license": "MIT",
 	"require": {
 		"php": ">=5.4.0"
--- a/src/League/OAuth2/Server/Resource.php
+++ b/src/League/OAuth2/Server/Resource.php
@@ -163,9 +163,9 @@ class Resource
        // include the "WWW-Authenticate" response header field
        // matching the authentication scheme used by the client.
        // @codeCoverageIgnoreStart
-        if ($error === 'insufficient_scope') {
+        if ($error === 'invalid_token') {
            $authScheme = null;
-            $request = new Request();
+            $request = Request::buildFromGlobals();
            if ($request->server('PHP_AUTH_USER') !== null) {
                $authScheme = 'Basic';
            } else {
--- a/src/League/OAuth2/Server/Util/Request.php
+++ b/src/League/OAuth2/Server/Util/Request.php
@@ -76,22 +76,25 @@ class Request implements RequestInterface

    protected function readHeaders()
    {
-        if (function_exists('getallheaders')) {
+        if (function_exists('apache_request_headers')) {
            // @codeCoverageIgnoreStart
-            $headers = getallheaders();
+            $headers = apache_request_headers();
+        } elseif (function_exists('http_get_request_headers')) {
+            $headers = http_get_request_headers();
        } else {
            // @codeCoverageIgnoreEnd
            $headers = array();
            foreach ($this->server() as $name => $value) {
                if (substr($name, 0, 5) == 'HTTP_') {
-                    $name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))));
+                    // HTTP_FOO_BAR becomes FOO-BAR
+                    $name = str_replace(array('HTTP_', '_'), array('', '-'), $name);
                    $headers[$name] = $value;
                }
            }
        }

        return $this->normalizeHeaders($headers);
-   }
+    }

    protected function getPropertyValue($property, $index = null, $default = null)
    {
@@ -143,4 +146,4 @@ class Request implements RequestInterface

        return $key;
    }
-}
+}
--- a/tests/resource/ResourceServerTest.php
+++ b/tests/resource/ResourceServerTest.php
@@ -38,8 +38,8 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
    public function test_getExceptionHttpHeaders()
    {
        $this->assertEquals(array('HTTP/1.1 400 Bad Request'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_request'));
-        $this->assertEquals(array('HTTP/1.1 401 Unauthorized'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_token'));
-        $this->assertContains('HTTP/1.1 403 Forbidden', League\OAuth2\Server\Resource::getExceptionHttpHeaders('insufficient_scope'));
+        $this->assertContains('HTTP/1.1 401 Unauthorized', League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_token'));
+        $this->assertEquals(array('HTTP/1.1 403 Forbidden'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('insufficient_scope'));
    }

    public function test_setRequest()
Author	SHA1	Message	Date
Alex Bilbie	2f14f6b391	Version bump	2014-07-23 16:13:50 +01:00
Alex Bilbie	94369abd60	Merge branch 'release/3.2.2' Conflicts: composer.json	2014-07-23 16:10:02 +01:00
Alex Bilbie	45edac4216	Version bump	2014-07-23 16:08:50 +01:00
Alex Bilbie	5bdfc9908a	Updated changelog	2014-07-23 16:08:33 +01:00
Alex Bilbie	1890d71838	Merge branch 'develop' of github.com:thephpleague/oauth2-server into develop	2014-07-23 16:05:42 +01:00
Alex Bilbie	00d5fb5834	Merge pull request #188 from ushahidi/fix-http-headers-util-request Fix Resource server Request HTTP header access	2014-07-23 15:58:24 +01:00
Robbie Mackay	49b776c495	In Resource::getExceptionHttpHeaders() use Request::BuildFromGlobals	2014-07-23 07:48:05 -07:00
Woody Gilk	31e03c2d36	Fix broken http header extraction in Util\Request	2014-07-23 07:47:29 -07:00
Alex Bilbie	6f85bcbbf1	Merge branch 'develop' of github.com:thephpleague/oauth2-server into develop	2014-07-22 11:45:54 +01:00
Phil Sturgeon	7771bc04ec	Merge pull request #186 from ushahidi/resource-server-correct-http-error Send HTTP 401 for invalid_token, rather than insufficient_scope	2014-07-15 15:39:28 +01:00
Woody Gilk	f34dd4a0cb	401 status is for invalid_token, not insufficient_scope	2014-07-11 11:59:18 -05:00