@Stephen Yes, this change does not remove any previously variables in $_SERVER, only adds PHP_AUTH_BEARER when present in request.
2016-09-09 18:07 GMT+02:00 Stephen Reay <php-li...@koalephant.com>: > Does this change also leave the raw header in > $_SERVER['HTTP_AUTHORIZATION’] ? > > > On 9 Sep 2016, at 21:30, Silvio Marijić <marijic.sil...@gmail.com> > wrote: > > > > @Niklas > > We are already supporting Basic and Digest and Bearer and MAC are used > > widely as a form of token authorization. > > > > 2016-09-09 14:37 GMT+02:00 Niklas Keller <m...@kelunik.com>: > > > >> 2016-09-09 14:17 GMT+02:00 Silvio Marijić <marijic.sil...@gmail.com>: > >> > >>> Came across this issue https://bugs.php.net/bug.php?id=72915 and got > an > >>> idea. I've added PHP_AUTH_BEARER to $_SERVER when Bearer auth token is > >>> used > >>> as Authorization method. > >>> > >>> Does this kind of change requires RFC ? Would this kind of change be > >>> usefull enough to go into the codebase ? > >>> > >>> Here are the changes I made: > >>> https://github.com/php/php-src/compare/master...smarijic: > php_auth_bearer > >>> > >>> Cheers, > >>> Silvio. > >>> -- > >>> Silvio Marijić > >>> Software Engineer > >>> 2e Systems > >>> > >> > >> I don't see why we should special case Bearer tokens. > >> > >> Regards, Niklas > >> > > > > > > > > -- > > Silvio Marijić > > Software Engineer > > 2e Systems > > -- Silvio Marijić Software Engineer 2e Systems
