Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:95869
Return-Path: <php-lists@koalephant.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 69080 invoked from network); 9 Sep 2016 16:07:44 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 9 Sep 2016 16:07:44 -0000
Authentication-Results: pb1.pair.com header.from=php-lists@koalephant.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=php-lists@koalephant.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain koalephant.com designates 206.123.115.54 as permitted sender)
X-PHP-List-Original-Sender: php-lists@koalephant.com
X-Host-Fingerprint: 206.123.115.54 mail1.25mail.st  
Received: from [206.123.115.54] ([206.123.115.54:56503] helo=mail1.25mail.st)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 4D/34-46544-E4ED2D75 for <internals@lists.php.net>; Fri, 09 Sep 2016 12:07:42 -0400
Received: from [10.0.1.23] (unknown [183.89.43.165])
	by mail1.25mail.st (Postfix) with ESMTPSA id 5EDF460D77;
	Fri,  9 Sep 2016 16:07:27 +0000 (UTC)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
In-Reply-To: <CAA69SC4TxNkqdJG7882JovaAFsso-782Lfih58MhO=QOmCgy6Q@mail.gmail.com>
Date: Fri, 9 Sep 2016 23:07:21 +0700
Cc: Niklas Keller <me@kelunik.com>,
 PHP Internals List <internals@lists.php.net>
Content-Transfer-Encoding: quoted-printable
Message-ID: <A957A0F4-9AC8-4DC0-809F-D7759C5A586A@koalephant.com>
References: <CAA69SC6szFdRLAhmPuWf2VJb2RyWH0L=-DoVFqrOo74qomwSXA@mail.gmail.com> <CANUQDChoKhUZsJE6Ja8PNEJd6mrBzMCD2T3JJ+LfoGbF8LvnGQ@mail.gmail.com> <CAA69SC4TxNkqdJG7882JovaAFsso-782Lfih58MhO=QOmCgy6Q@mail.gmail.com>
To: =?utf-8?Q?Silvio_Mariji=C4=87?= <marijic.silvio@gmail.com>
X-Mailer: Apple Mail (2.3124)
Subject: Re: [PHP-DEV] [PHPDEV] Bearer Auth
From: php-lists@koalephant.com (Stephen Reay)

Does this change also leave the raw header in =
$_SERVER['HTTP_AUTHORIZATION=E2=80=99] ?

> On 9 Sep 2016, at 21:30, Silvio Mariji=C4=87 =
<marijic.silvio@gmail.com> wrote:
>=20
> @Niklas
> We are already supporting Basic and Digest and Bearer and MAC are used
> widely as a form of token authorization.
>=20
> 2016-09-09 14:37 GMT+02:00 Niklas Keller <me@kelunik.com>:
>=20
>> 2016-09-09 14:17 GMT+02:00 Silvio Mariji=C4=87 =
<marijic.silvio@gmail.com>:
>>=20
>>> Came across this issue https://bugs.php.net/bug.php?id=3D72915 and =
got an
>>> idea. I've added PHP_AUTH_BEARER to $_SERVER when Bearer auth token =
is
>>> used
>>> as Authorization method.
>>>=20
>>> Does this kind of change requires RFC ? Would this kind of change be
>>> usefull enough to go into the codebase ?
>>>=20
>>> Here are the changes I made:
>>> =
https://github.com/php/php-src/compare/master...smarijic:php_auth_bearer
>>>=20
>>> Cheers,
>>> Silvio.
>>> --
>>> Silvio Mariji=C4=87
>>> Software Engineer
>>> 2e Systems
>>>=20
>>=20
>> I don't see why we should special case Bearer tokens.
>>=20
>> Regards, Niklas
>>=20
>=20
>=20
>=20
> --=20
> Silvio Mariji=C4=87
> Software Engineer
> 2e Systems