blob: 6a59e760cd18498a0dd9a734818f9ab724c8c357 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
<?php
/**
* This file is part of RSS-Bridge, a PHP project capable of generating RSS and
* Atom feeds for websites that don't have one.
*
* For the full license information, please view the UNLICENSE file distributed
* with this source code.
*
* @package Core
* @license http://unlicense.org/ UNLICENSE
* @link https://github.com/rss-bridge/rss-bridge
*/
final class ApiAuthenticationMiddleware
{
public function __invoke($request): void
{
$accessTokenInConfig = Configuration::getConfig('authentication', 'access_token');
if (!$accessTokenInConfig) {
$this->exit('Access token is not set in this instance', 403);
}
if (isset($request['access_token'])) {
$accessTokenGiven = $request['access_token'];
} else {
$header = trim($_SERVER['HTTP_AUTHORIZATION'] ?? '');
$position = strrpos($header, 'Bearer ');
if ($position !== false) {
$accessTokenGiven = substr($header, $position + 7);
} else {
$accessTokenGiven = '';
}
}
if (!$accessTokenGiven) {
$this->exit('No access token given', 403);
}
if ($accessTokenGiven != $accessTokenInConfig) {
$this->exit('Incorrect access token', 403);
}
}
private function exit($message, $code)
{
http_response_code($code);
header('content-type: text/plain');
die($message);
}
}
|