REST.rst: Add example with `x-Api-Key`. Add 'x-Api-Key' as processed header....

REST.rst: Add example with `x-Api-Key`. Add 'x-Api-Key' as processed header. Strip white spaces from value.

REST.rst: Add example with `x-Api-Key`. Add 'x-Api-Key' as processed header....
REST.rst: Add example with `x-Api-Key`. Add 'x-Api-Key' as processed header. Strip white spaces from value.
6c589520 · Carsten Rose · 4c4ef764 · 6c589520 · 6c589520 · 6c589520
Commit 6c589520 authored Apr 06, 2021 by Carsten Rose
--- a/Documentation-develop/REST.md
+++ b/Documentation-develop/REST.md
@@ -97,7 +97,14 @@ Header Token Authorization

 Example:

-    curl -X GET -H 'Authorization: Token token="mySuperSecretToken"' "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson/"
+    curl -X GET -H 'Authorization: token="mySuperSecretToken"' "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson/"
+
+or
+
+    curl -X GET -H 'X-Api-Key: token="mySuperSecretToken"' "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson/"
+
+* Access the token via ``{{Authorization:C:alnumx}}`` or ``{{X-Api-Key:C:alnumx}}``.
+* The string ``token=`` is not used at all.

 Static token
 ------------

--- a/extension/Classes/Core/Constants.php
+++ b/extension/Classes/Core/Constants.php
@@ -1978,6 +1978,7 @@ const ATTRIBUTE_DATA_REFERENCE = 'data-reference';

 // REST
 const HTTP_HEADER_AUTHORIZATION = 'Authorization';
+const HTTP_HEADER_X_API_KEY = 'X-Api-Key';

 const HTTP_200_OK = '200 OK';
 const HTTP_201_CREATED = '201 Created';

--- a/extension/Classes/Core/Store/Client.php
+++ b/extension/Classes/Core/Store/Client.php
@@ -68,6 +68,9 @@ class Client {
    }

    /**
+     * Check for Header 'Authorization' and 'X-Api-Key' - no other headers will be checked.
+     * Explode the given header by '='. Use the header name as key (purge string 'token' from example)
+     *
     * @return array
     */
    private static function getHeader() {
@@ -81,7 +84,7 @@ class Client {

        $headers = getallheaders();

-        foreach ([HTTP_HEADER_AUTHORIZATION] as $key) {
+        foreach ([HTTP_HEADER_AUTHORIZATION, HTTP_HEADER_X_API_KEY] as $key) {
            if (isset($headers[$key])) {
                $line = $headers[$key];

@@ -90,7 +93,7 @@ class Client {
                // Header: 'Authorization: Token token=1234'
                $split = explode($delimiter, $line, 2);
                if (isset($split[1])) {
-                    $arr[$key] = OnString::trimQuote($split[1]);
+                    $arr[$key] = OnString::trimQuote(trim($split[1]));
                }
            }
        }