fix #2783 CGIモードでJWT認証が可能になるようにしたい (#2784)

* fix #2783 CGIモードでJWT認証が可能になるようにしたい * middlewareの定義のテスト修正およびより効率的なmiddleware登録メソッドへの変更
baserproject · Oct 5, 2023 · 39d798a · 39d798a
1 parent 68c90e6
commit 39d798a
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 3 deletions.
diff --git a/plugins/baser-core/src/Middleware/BcRequestFilterMiddleware.php b/plugins/baser-core/src/Middleware/BcRequestFilterMiddleware.php
@@ -52,6 +52,15 @@ public function process(
             return new Response();
         }
 
+        /**
+         * CGIモード等PHPでJWT認証で必要なAuthorizationヘッダーが取得出来ないできない場合、REDIRECT_HTTP_AUTHORIZATION環境変数より取得する
+         * .htaccess等に下記を記載することで動作可能とする
+         * SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+         */
+        if (empty($request->getHeader('Authorization')) && $request->getEnv('REDIRECT_HTTP_AUTHORIZATION')) {
+            $request = $request->withHeader('Authorization', $request->getEnv('REDIRECT_HTTP_AUTHORIZATION'));
+        }
+
         if(BcUtil::isInstalled()) $this->redirectIfIsDeviceFile($request, $handler);
 
         return $handler->handle($request);

diff --git a/plugins/baser-core/src/Plugin.php b/plugins/baser-core/src/Plugin.php
@@ -279,10 +279,10 @@ function loadPlugin(PluginApplicationInterface $application, $plugin, $priority)
     public function middleware(MiddlewareQueue $middlewareQueue): MiddlewareQueue
     {
         $middlewareQueue
+            ->prepend(new BcRequestFilterMiddleware())
             ->insertBefore(CsrfProtectionMiddleware::class, new AuthenticationMiddleware($this))
             ->add(new BcAdminMiddleware())
             ->add(new BcFrontMiddleware())
-            ->add(new BcRequestFilterMiddleware())
             ->add(new BcRedirectSubSiteFilter());
 
         // APIへのアクセスの場合、セッションによる認証以外は、CSRFを利用しない設定とする

diff --git a/plugins/baser-core/tests/TestCase/PluginTest.php b/plugins/baser-core/tests/TestCase/PluginTest.php
@@ -16,12 +16,12 @@
 use BaserCore\Service\SiteConfigsServiceInterface;
 use BaserCore\TestSuite\BcTestCase;
 use BaserCore\Utility\BcUtil;
+use BaserCore\Middleware\BcRequestFilterMiddleware;
 use Cake\Core\Configure;
 use Cake\Core\Container;
 use Cake\Event\EventManager;
 use Cake\Http\Middleware\CsrfProtectionMiddleware;
 use Cake\Http\MiddlewareQueue;
-use Authentication\Middleware\AuthenticationMiddleware;
 use Cake\Routing\Router;
 use Cake\Filesystem\File;
 
@@ -176,7 +176,8 @@ public function testMiddleware(): void
         $middleware = new MiddlewareQueue();
         $middleware->add(CsrfProtectionMiddleware::class);
         $middlewareQueue = $this->Plugin->middleware($middleware);
-        $this->assertInstanceOf(AuthenticationMiddleware::class, $middlewareQueue->current());
+        $this->assertInstanceOf(BcRequestFilterMiddleware::class, $middlewareQueue->current());
+        $this->assertEquals(6, $middlewareQueue->count());
     }
 
     /**