Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conditional Flag for checking for Access Token in header #57

Closed
alexmcroberts opened this issue May 14, 2013 · 0 comments
Closed

Conditional Flag for checking for Access Token in header #57

alexmcroberts opened this issue May 14, 2013 · 0 comments

Comments

@alexmcroberts
Copy link
Contributor

Are there any plans in place to force the library to only check for an Authorization header by passing in a variable. Doing this would be useful in situations where an API would only look for Authorization header. By passing in this flag to the Resource->isValid() method (and therefore into the Resource->determineAccessToken() method - the developer in this case is choosing to adopt the standards of the OAuth2 spec, whereby Authorization header is still supported, but the query param support is removed.

The official specification lays out how here - http://tools.ietf.org/html/rfc6749#section-7 - how it expects Authorization to take place when "Accessing Protected Resources" e.g. using our API. See bottom of paragraph two - how it expects the actual Access Token to be passed here http://tools.ietf.org/html/rfc6750#section-2
alexbilbie added a commit that referenced this issue Jun 2, 2013
@alexbilbie
Merge pull request #64 from alexmcroberts/develop
7da9e1a 
Conditional isValid flag to check for Authorization header only. Fixes #57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@alexmcroberts