friendica
/
friendica
mirror of https://github.com/friendica/friendica
6
0
Fork 1
Code Issues Packages Projects Releases 1 Wiki Activity

Merge pull request #12719 from annando/andstatus 

Fetch data from basic auth when one of the parameters is missing
This commit is contained in:
Hypolite Petovan 2023-01-22 15:18:38 -05:00 committed by GitHub
parent 2db935fae2 575fb52438
commit d7f8b77e1d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Module/OAuth/Token.php
View File

@ -60,7 +60,7 @@ class Token extends BaseApi
$authorization = $_SERVER['REDIRECT_REMOTE_USER'] ?? '';
}
if (empty($request['client_id']) && substr($authorization, 0, 6) == 'Basic ') {
if ((empty($request['client_id']) || empty($request['client_secret'])) && substr($authorization, 0, 6) == 'Basic ') {
// Per RFC2617, usernames can't contain a colon but password can,
// so we cut on the first colon to obtain the username and the password
// @see https://www.rfc-editor.org/rfc/rfc2617#section-2