Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:95870 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 72803 invoked from network); 9 Sep 2016 17:15:25 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 9 Sep 2016 17:15:25 -0000 Authentication-Results: pb1.pair.com smtp.mail=marijic.silvio@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=marijic.silvio@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.214.43 as permitted sender) X-PHP-List-Original-Sender: marijic.silvio@gmail.com X-Host-Fingerprint: 209.85.214.43 mail-it0-f43.google.com Received: from [209.85.214.43] ([209.85.214.43:38437] helo=mail-it0-f43.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 56/B4-46544-B2EE2D75 for ; Fri, 09 Sep 2016 13:15:24 -0400 Received: by mail-it0-f43.google.com with SMTP id c198so23444701ith.1 for ; Fri, 09 Sep 2016 10:15:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=wtFxd7hB2Tyjr2SY0nm037f0zHDUyuHmnVOcVhPpJQI=; b=VI94NiVq6P6QzDTtH2SyKBNg3jdr2aTfJkg+LsYnnPXMON3wSPj7Ri4hZcfruH7be0 V0o2IP/91qD+Ud+CiIMHb8R22XXjqCfDZXGhsRxg5WTmE0gRiAK9cqnfX4InrYuxjptO AMEbR5JiTmVXVBqGQk+W5lSfYI1blJbA0ZtDddNtKE9sL9HN5aczrK58d2k/icJR4IWB zBy5FXO10seN6UpWlOJjWB9fIOr1zRvWc9tyMgxt+fJmVjYnOkC+v+ysRUxVW8bXkQNd f5T6sfGKfW04hb3J8syOQCMdeqbgJ+YAghWuq/v8WLwgw2ZZhaDIhfkWnl/1JVIurMSb DYTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=wtFxd7hB2Tyjr2SY0nm037f0zHDUyuHmnVOcVhPpJQI=; b=kxIs0/PK/vGMduTvmVQu687lD2X6DlMOrpqRuv7nr+Uj77lzlDe/uWJyw08EGUn2Vs jjKYHEFsiWY873Lh/OmTyP1/QUKRKmNGjdM3llgC8DmsH8CBxCvFEDeYZhgX0kM0hOny Xkk1iI4YwyDWbxpOZxYsBSGcw+14MGSl38U1oSceKsFWXNSi+3ORflclu0Gf7f21W5Sp DEM7SWiTu3tZwnrnY1bNIGzuD5ckfj0aIVwsbBw6ikqVaH32mlg8X9Ro9VUowCQAKcbQ N4sGluPoKBrNfu7Fw6JqahnIFyoOqjtlxp9vuRaApZliZfmaKQhqxENMa5GrAKpBzK5D 3QxA== X-Gm-Message-State: AE9vXwMoba7b5oTjxuPloKZCJriFdQlXpIEnc5U5x2H9rf3ja+JlMVjqzBMouFoSxBdQCVbbflUI/wqmy6D/Zw== X-Received: by 10.157.15.242 with SMTP id m47mr6901243otd.191.1473441320546; Fri, 09 Sep 2016 10:15:20 -0700 (PDT) MIME-Version: 1.0 Received: by 10.36.207.134 with HTTP; Fri, 9 Sep 2016 10:15:20 -0700 (PDT) In-Reply-To: References: Date: Fri, 9 Sep 2016 19:15:20 +0200 Message-ID: To: Stephen Reay Cc: Niklas Keller , PHP Internals List Content-Type: multipart/alternative; boundary=001a113d0f5a823a1e053c164acb Subject: Re: [PHP-DEV] [PHPDEV] Bearer Auth From: marijic.silvio@gmail.com (=?UTF-8?Q?Silvio_Mariji=C4=87?=) --001a113d0f5a823a1e053c164acb Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable @Stephen Yes, this change does not remove any previously variables in $_SERVER, only adds PHP_AUTH_BEARER when present in request. 2016-09-09 18:07 GMT+02:00 Stephen Reay : > Does this change also leave the raw header in > $_SERVER['HTTP_AUTHORIZATION=E2=80=99] ? > > > On 9 Sep 2016, at 21:30, Silvio Mariji=C4=87 > wrote: > > > > @Niklas > > We are already supporting Basic and Digest and Bearer and MAC are used > > widely as a form of token authorization. > > > > 2016-09-09 14:37 GMT+02:00 Niklas Keller : > > > >> 2016-09-09 14:17 GMT+02:00 Silvio Mariji=C4=87 : > >> > >>> Came across this issue https://bugs.php.net/bug.php?id=3D72915 and go= t > an > >>> idea. I've added PHP_AUTH_BEARER to $_SERVER when Bearer auth token i= s > >>> used > >>> as Authorization method. > >>> > >>> Does this kind of change requires RFC ? Would this kind of change be > >>> usefull enough to go into the codebase ? > >>> > >>> Here are the changes I made: > >>> https://github.com/php/php-src/compare/master...smarijic: > php_auth_bearer > >>> > >>> Cheers, > >>> Silvio. > >>> -- > >>> Silvio Mariji=C4=87 > >>> Software Engineer > >>> 2e Systems > >>> > >> > >> I don't see why we should special case Bearer tokens. > >> > >> Regards, Niklas > >> > > > > > > > > -- > > Silvio Mariji=C4=87 > > Software Engineer > > 2e Systems > > --=20 Silvio Mariji=C4=87 Software Engineer 2e Systems --001a113d0f5a823a1e053c164acb--