New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Passing Authorization header in requests #54
Comments
I had an issue with this as well, I'm sure I read a blog post or a stack overflow post where someone else had an issue with this header and it turned out symfony was removing them. It wasn't an issue with this Api but a laravel 4 issue I'll see if I can find it. |
Yeah I've just run into this issue. Not sure whether it's Laravel or Apache or PHP that was causing it, but the Authorization header wasn't available. Adding:
To .htaccess fixed it for me. |
I had the same issue recently, I also had to use that .htaccess fix. Glad I'm not alone, as for why I didn't report it myself.. Uhhh, busy with work and reddit :P ---Hunter Skrasekhunterskrasek@me.com On May 21, 2014 at 6:38:40 PM CDT, harhoo notifications@github.com wrote:Yeah I've just run into this issue. Not sure whether it's Laravel or Apache or PHP that was causing it, but the Authorization header wasn't available. Adding: RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] To .htaccess fixed it for me. —Reply to this email directly or view it on GitHub. |
Yeah I've been meaning to add a FAQ section on this as the header is
|
This is related. thephpleague/oauth2-server@44f51bf If you're using League then this is fixed. It was fixed in 3.x and 4.x for a while, but the bridge package used here requires 2.1.1, so this 2.1.2 fixes it. :) |
Thanks all. :) Much appreciated. |
That helped a lot. |
@harhoo Thank you! |
@jasonlewis This should be added to wiki imho #54 (comment) |
If I'm not wrong, this issue looks like it's documented here: https://github.com/symfony/HttpFoundation/blob/master/ServerBag.php#L46-L58 It recommends adding a similar rewrite rule and it worked for me. |
@harhoo I tried your solution but I am still get same authentication issue, I don't get that error if I use php artisan serve, but if I try to access it through apache server I get the authentication error. My .htaccess file in public directory:
I have spent several hours, I will be very thankful if anyone of you can help me get out of this problem. |
Move the auth rule up so it's just below RewriteEngine on. The [L] in your other rule means Last, ie stop processing rules after this. |
Ok, so I'm probably missing something, but I figured I might as well ask before I spent too much more time on this.
Here's my routes file.
So I have a very basic route setup here to be protected and tied to the articles.read scope.
I logged in and created an access token with this scope, and then I pass it to the route via an Authorization header in Postman. Doesn't work.
However, if I pass it as POST data with "access_token" it's working and it properly authenticates the request.
Is there something I'm doing incorrectly?
The text was updated successfully, but these errors were encountered: