Fixed authentication oversights.
This commit is contained in:
parent
277afa5b19
commit
35dce01323
GPG key ID:
2C9C2C574D47FE3E
3 changed files with 8 additions and 2 deletions
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
|||
20250403.1
|
||||
20250403.2
|
||||
|
|
|
|||
|
|
@ -409,7 +409,7 @@ final class AuthProcessors implements RouteHandler {
|
|||
|
||||
$result = (function() use ($request) {
|
||||
$authz = explode(' ', $request->getHeaderLine('Authorization'), 2);
|
||||
if(count($authz) < 2 || strcasecmp('basic', $authz[0]) !== 0)
|
||||
if(count($authz) < 2 || strcasecmp('bearer', $authz[0]) !== 0)
|
||||
return false;
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -30,6 +30,7 @@ final class OAuth2WebRoutes implements RouteHandler, UrlSource {
|
|||
) {}
|
||||
|
||||
#[PatternRoute('GET', '/oauth2/authori[sz]e')]
|
||||
#[Before('authz:cookie', required: false)]
|
||||
#[UrlFormat('oauth2-authorise', '/oauth2/authorize')]
|
||||
public function getAuthorise(HttpResponseBuilder $response, HttpRequest $request): string {
|
||||
return Template::renderRaw('oauth2.authorise');
|
||||
|
|
@ -46,6 +47,7 @@ final class OAuth2WebRoutes implements RouteHandler, UrlSource {
|
|||
* }
|
||||
*/
|
||||
#[ExactRoute('POST', '/oauth2/authorize')]
|
||||
#[Before('authz:cookie', required: false)]
|
||||
#[Before('input:urlencoded')]
|
||||
public function postAuthorise(HttpResponseBuilder $response, HttpRequest $request, FormContent $content): array {
|
||||
// TODO: RATE LIMITING
|
||||
|
|
@ -172,6 +174,7 @@ final class OAuth2WebRoutes implements RouteHandler, UrlSource {
|
|||
* }
|
||||
*/
|
||||
#[ExactRoute('GET', '/oauth2/resolve-authorise-app')]
|
||||
#[Before('authz:cookie', required: false)]
|
||||
#[UrlFormat('oauth2-resolve-authorise-app', '/oauth2/resolve-authorise-app')]
|
||||
public function getResolveAuthorise(HttpResponseBuilder $response, HttpRequest $request): array {
|
||||
// TODO: RATE LIMITING
|
||||
|
|
@ -246,6 +249,7 @@ final class OAuth2WebRoutes implements RouteHandler, UrlSource {
|
|||
}
|
||||
|
||||
#[ExactRoute('GET', '/oauth2/verify')]
|
||||
#[Before('authz:cookie', required: false)]
|
||||
#[UrlFormat('oauth2-verify', '/oauth2/verify')]
|
||||
public function getVerify(HttpResponseBuilder $response, HttpRequest $request): string {
|
||||
return Template::renderRaw('oauth2.verify');
|
||||
|
|
@ -261,6 +265,7 @@ final class OAuth2WebRoutes implements RouteHandler, UrlSource {
|
|||
* }
|
||||
*/
|
||||
#[ExactRoute('POST', '/oauth2/verify')]
|
||||
#[Before('authz:cookie', required: false)]
|
||||
#[Before('input:urlencoded')]
|
||||
public function postVerify(HttpResponseBuilder $response, HttpRequest $request, FormContent $content): array {
|
||||
// TODO: RATE LIMITING
|
||||
|
|
@ -358,6 +363,7 @@ final class OAuth2WebRoutes implements RouteHandler, UrlSource {
|
|||
* }
|
||||
*/
|
||||
#[ExactRoute('GET', '/oauth2/resolve-verify')]
|
||||
#[Before('authz:cookie', required: false)]
|
||||
#[UrlFormat('oauth2-resolve-verify', '/oauth2/resolve-verify')]
|
||||
public function getResolveVerify(HttpResponseBuilder $response, HttpRequest $request) {
|
||||
// TODO: RATE LIMITING
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue