CODEWITHSUNDEEP
phprestcodeigniterjwt
The Megamind
The Megamind

Reputation: 337

Request Header missing authorisation - Codeigniter rest

I am creating a restful services with Codeigniter rest server and firebase php-jwt. Created an api to return list of operator. To access this api client has to send token in headers. Sample request is -

GET /index.php/operators/prepaid HTTP/1.1
Host: testing.mydomain.in
Authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6IjExNTIxNCIsImlhdCI6MTUxNzk4MjU1NywiZXhwIjoxNTE4MDAwNTU3fQ.PZYh3OlSsKGo_ihPPSm7RrU5BbTNaeTN1fKlNcOZ2r4
Cache-Control: no-cache
Postman-Token: 933f3b1d-7934-d30a-11bf-f80f3912f433

controller code 

use \Firebase\JWT\JWT;
class Operators extends REST_Controller 
{
    private $_payload;

    public function __construct($config = 'rest')
    {
        parent::__construct($config);
        $token = $this->input->get_request_header('Authorization');
        if(!$token) {
            $output = array("Error" => "Access Denied");
            $this->response($output, REST_Controller::HTTP_UNAUTHORIZED);
        }
        try {
            $this->_payload = JWT::decode($token, $this->config->item('jwt_secret_key'),array('HS256'));
        } catch (Exception $ex) {
            $output = array("Error" => $ex->getMessage());
            $this->response($output, REST_Controller::HTTP_UNAUTHORIZED);
        }
        $this->load->model('Operators_Data');
    }       

    public function prepaid_get()
    { 
        $operators = $this->Operators_Data->getOperatorsByService(1);
        $this->response($operators);
    }
}

I am getting the following result

{
     "Error": "Access Denied"
}

Returned from controller constructor if token is not present.But i am sending the token in header authorisation.

This is working on my local host (it returns list of operator). but when i trying from testing server it always returning "Access Denied".

UPDATE : Pretty sure that server is ignoring "Authorization" header.

Also tried with 

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Settings in .htaccess

Any help is very much appreciated.

Upvotes: 7

Views: 11380

Answers (1)

flowdee
flowdee

Reputation: 633

Adding

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

at the top of the .htaccess file solved it in my case

Upvotes: 7

Related Questions