hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-17 23:13:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add configuration option to disable SSL requirement on API

Browse Source
This commit is contained in:
Thibaud Fabre
2016-05-24 15:38:59 +02:00
parent e37437084b
commit 888a2b4bb6
4 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/Alchemy/Phrasea/Controller/Api/OAuth2Controller.php
View File

@@ -16,6 +16,7 @@ use Alchemy\Phrasea\Authentication\Exception\AccountLockedException;
use Alchemy\Phrasea\Authentication\Exception\RequireCaptchaException;
use Alchemy\Phrasea\Authentication\Phrasea\PasswordAuthenticationInterface;
use Alchemy\Phrasea\Controller\Controller;
use Alchemy\Phrasea\Core\Configuration\PropertyAccess;
use Alchemy\Phrasea\Core\Event\PostAuthenticate;
use Alchemy\Phrasea\Core\Event\PreAuthenticate;
use Alchemy\Phrasea\Core\PhraseaEvents;
@@ -174,8 +175,11 @@ class OAuth2Controller extends Controller
*/
public function tokenAction(Request $request)
{
if ( ! $request->isSecure()) {
throw new HttpException(400, 'This route requires the use of the https scheme', null, ['content-type' => 'application/json']);
/** @var PropertyAccess $config */
$config = $this->app['conf'];
if ( ! $request->isSecure() && $config->get(['main', 'api_require_ssl'], true) == true) {
throw new HttpException(400, 'This route requires the use of the https scheme: ' . $config->get(['main', 'api_require_ssl']), null, ['content-type' => 'application/json']);
}
$this->oAuth2Adapter->grantAccessToken($request);