mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-22 00:42:54 +02:00
Code Issues Projects Releases Wiki Activity

MDL-62702 core_lib: fix broken verification signature

Browse Source
This commit is contained in:
Viktor 2019-02-04 16:10:25 +08:00 committed by Jenkins
parent 1a8b1f2724
commit 898d5d05a0
1 changed files with 2 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/ltiprovider/src/OAuth/OAuthRequest.php
View File

@ -17,7 +17,6 @@ class OAuthRequest {
// for debug purposes
public $base_string;
public static $version = '1.0';
public static $POST_INPUT = 'php://input';
function __construct($http_method, $http_url, $parameters = null) {
@ -60,8 +59,7 @@ class OAuthRequest {
$parameters = array();
}
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
// We have a Authorization-header with OAuth data. Parse the header and add those.
if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
@ -69,9 +67,7 @@ class OAuthRequest {
// If there are parameters in $_POST, these are likely what will be used. Therefore, they should be considered
// the final value in the case of any duplicates from sources parsed above.
foreach ($_POST as $key => $value) {
$parameters[$key] = OAuthUtil::urldecode_rfc3986($value);
}
$parameters = array_merge($parameters, $_POST);
}
return new OAuthRequest($http_method, $http_url, $parameters);