morgane/EverShelf
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

chore: auto-merge develop → main

Browse Source 
Triggered by: 0d00662 Fix Home Assistant integration auth compatibility.
This commit is contained in:
github-actions[bot]
2026-06-03 19:50:38 +00:00
parent d5b4a6c4da 0d006625fd
commit 3a938dd7fb
2 changed files with 26 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/index.php
+19 -1
View File
@@ -61,6 +61,23 @@ if (($_GET['action'] ?? '') === 'app_bootstrap') {
exit;
}
// ── HA discovery (no token) — lets HACS config flow find the server ───────────
if (($_GET['action'] ?? '') === 'ha_info' && evershelfApiTokenRequired() && !evershelfApiTokenValid()) {
header('Content-Type: application/json; charset=utf-8');
$uniqueId = 'evershelf_' . substr(md5(__DIR__ . php_uname('n')), 0, 12);
echo json_encode([
'name' => 'EverShelf',
'instance' => env('INSTANCE_NAME', php_uname('n')),
'version' => _appVersion(),
'unique_id' => $uniqueId,
'has_token' => true,
'api_token_required' => true,
'api_version' => 1,
'items_count' => null,
], JSON_UNESCAPED_UNICODE);
exit;
}
// ── Google Drive OAuth callback — returns HTML, not JSON ──────────────────────
if (($_GET['action'] ?? '') === 'gdrive_oauth_callback') {
_gdriveHandleOAuthCallback();
@@ -1939,7 +1956,8 @@ function haGetInfo(PDO $db): void {
'instance' => env('INSTANCE_NAME', php_uname('n')),
'version' => _appVersion(),
'unique_id' => $uniqueId,
'has_token' => !empty(env('SETTINGS_TOKEN', '')),
'has_token' => evershelfApiTokenRequired(),
'api_token_required' => evershelfApiTokenRequired(),
'api_version' => 1,
'items_count' => $itemsCount,
], JSON_UNESCAPED_UNICODE);
api/lib/security.php
+7
View File
@@ -28,6 +28,13 @@ function evershelfGetProvidedApiToken(): string {
if (isset($_GET['api_token'])) {
return (string)$_GET['api_token'];
}
// Home Assistant ha-evershelf sends Authorization: Bearer (legacy)
$authHeader = $_SERVER['HTTP_AUTHORIZATION']
?? $_SERVER['REDIRECT_HTTP_AUTHORIZATION']
?? '';
if (preg_match('/^Bearer\s+(\S+)/i', $authHeader, $m)) {
return $m[1];
}
return evershelfGetProvidedApiTokenFromHeaders();
}