MensBeam
/
Arsse
3
1
Fork 0
Code Issues 24 Pull Requests Releases 28 Activity
Browse Source

Use media type matcher in IndieAuth

microsub
J. King 5 years ago
parent
cb49d810ee
commit
ba17d16358
1 changed files with 5 additions and 7 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 12
      lib/REST/Microsub/Auth.php

12
lib/REST/Microsub/Auth.php
View File

@ -9,6 +9,7 @@ namespace JKingWeb\Arsse\REST\Microsub;
use JKingWeb\Arsse\Arsse; use JKingWeb\Arsse\Arsse;
use JKingWeb\Arsse\Misc\URL; use JKingWeb\Arsse\Misc\URL;
use JKingWeb\Arsse\Misc\Date; use JKingWeb\Arsse\Misc\Date;
use JKingWeb\Arsse\Misc\HTTP;
use JKingWeb\Arsse\Misc\ValueInfo; use JKingWeb\Arsse\Misc\ValueInfo;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
@ -39,7 +40,7 @@ class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
'&' => "%26", '&' => "%26",
]; ];
/** The acceptable media type of input for POST requests */ /** The acceptable media type of input for POST requests */
const ACCEPTED_TYPES = "application/x-www-form-urlencoded"; const ACCEPTED_TYPE = "application/x-www-form-urlencoded";
public function __construct() { public function __construct() {
} }
@ -60,17 +61,14 @@ class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
} elseif ($method === "OPTIONS") { } elseif ($method === "OPTIONS") {
$fields = ['Allow' => implode(",", array_keys(self::FUNCTIONS[$process]))]; $fields = ['Allow' => implode(",", array_keys(self::FUNCTIONS[$process]))];
if (isset(self::FUNCTIONS[$process]['POST'])) { if (isset(self::FUNCTIONS[$process]['POST'])) {
$fields['Accept'] = self::ACCEPTED_TYPES; $fields['Accept'] = self::ACCEPTED_TYPE;
} }
return new EmptyResponse(204, $fields); return new EmptyResponse(204, $fields);
} elseif (!isset(self::FUNCTIONS[$process][$method])) { } elseif (!isset(self::FUNCTIONS[$process][$method])) {
return new EmptyResponse(405, ['Allow' => implode(",", array_keys(self::FUNCTIONS[$process]))]); return new EmptyResponse(405, ['Allow' => implode(",", array_keys(self::FUNCTIONS[$process]))]);
} else { } else {
if ($req->getMethod() !== "GET") { if ($req->getMethod() !== "GET" && !HTTP::matchType($req, self::ACCEPTED_TYPE, "")) {
$type = $req->getHeaderLine("Content-Type") ?? ""; return new EmptyResponse(415, ['Accept' => self::ACCEPTED_TYPE]);
if (strlen($type) && strtolower($type) !== self::ACCEPTED_TYPES) {
return new EmptyResponse(415, ['Accept' => self::ACCEPTED_TYPES]);
}
} }
try { try {
$func = self::FUNCTIONS[$process][$method]; $func = self::FUNCTIONS[$process][$method];

Write Preview
Loading…
Cancel
Save