/** * Check if request contains authentication info for adapter * * @param Mage_Api2_Model_Request $request * @return boolean */ public function isApplicableToRequest(Mage_Api2_Model_Request $request) { $headerValue = $request->getHeader('Authorization'); return $headerValue && 'oauth' === strtolower(substr($headerValue, 0, 5)); }
protected function filterBefore(Mage_Api2_Model_Request $request, Mage_Api2_Model_Response $response) { // Add generic CORS headers - this is not the 'right' way to do this, but Magento has no CORS support in Mage_Api2 $response->setHeader('Access-Control-Allow-Origin', '*', true); $response->setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE', true); $response->setHeader('Access-Control-Allow-Headers', 'Content-Type', true); $response->setHeader('Access-Control-Max-Age', '86400', true); // Support credentials $response->setHeader('Access-Control-Allow-Credentials', 'true', true); $origin = $request->getHeader('Origin'); if ($origin) { try { $origin = Zend_Uri_Http::factory($origin); $response->setHeader('Access-Control-Allow-Origin', $origin->getUri(), true); } catch (Exception $e) { // NOOP } } Mage::dispatchEvent('api2_server_filter_before', ['request' => $request, 'response' => $response]); }