From 8bd67859ba6e7966e60816b8634a9d83b3a6278a Mon Sep 17 00:00:00 2001
From: Hannes Papenberg <info@joomlager.de>
Date: Fri, 17 May 2024 18:45:18 +0200
Subject: [PATCH] Fixing API authentication issue with Apache with PHP as
 cgi/fastCGI (#42593)

---
 plugins/api-authentication/token/src/Extension/Token.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/plugins/api-authentication/token/src/Extension/Token.php b/plugins/api-authentication/token/src/Extension/Token.php
index 1f72f1d355cfc..ecbc35016310f 100644
--- a/plugins/api-authentication/token/src/Extension/Token.php
+++ b/plugins/api-authentication/token/src/Extension/Token.php
@@ -113,6 +113,11 @@ public function onUserAuthenticate($credentials, $options, &$response): void
             }
         }
 
+        // Another Apache specific fix. See https://github.com/symfony/symfony/issues/1813
+        if (empty($authHeader)) {
+            $authHeader  = $this->getApplication()->getInput()->server->get('REDIRECT_HTTP_AUTHORIZATION', '', 'string');
+        }
+
         if (substr($authHeader, 0, 7) == 'Bearer ') {
             $parts       = explode(' ', $authHeader, 2);
             $tokenString = trim($parts[1]);