diff --git a/application/config/routes.config.php b/application/config/routes.config.php
index 68d4c9782..0bcf0eeaa 100644
--- a/application/config/routes.config.php
+++ b/application/config/routes.config.php
@@ -226,6 +226,7 @@
'route' => '/api',
'defaults' => [
'__API__' => true,
+ '__KEYAUTH__' => true,
'controller' => 'Omeka\Controller\Api',
],
],
@@ -247,6 +248,7 @@
'options' => [
'route' => '/api-local',
'defaults' => [
+ '__API__' => true,
'controller' => 'Omeka\Controller\ApiLocal',
],
],
diff --git a/application/src/Controller/Admin/UserController.php b/application/src/Controller/Admin/UserController.php
index ae02816eb..56844d59c 100644
--- a/application/src/Controller/Admin/UserController.php
+++ b/application/src/Controller/Admin/UserController.php
@@ -252,7 +252,7 @@ public function editAction()
if ($keyPersisted) {
$message = new Message(
- 'API key successfully created.
Here is your key ID and credential for access to the API. WARNING: "key_credential" will be unretrievable after you navigate away from this page.
key_identity: %1$s
key_credential: %2$s', // @translate
+ 'API key successfully created.
Here is your key ID and credential for access to the API. WARNING: "key_credential" will be unretrievable after you navigate away from this page.
key_identity=%1$s
key_credential=%2$s', // @translate
$keyId, $keyCredential
);
$message->setEscapeHtml(false);
diff --git a/application/src/Mvc/MvcListeners.php b/application/src/Mvc/MvcListeners.php
index 8c773ca31..785cb56e1 100644
--- a/application/src/Mvc/MvcListeners.php
+++ b/application/src/Mvc/MvcListeners.php
@@ -260,7 +260,7 @@ public function redirectToLogin(MvcEvent $event)
public function authenticateApiKey(MvcEvent $event)
{
$routeMatch = $event->getRouteMatch();
- if (!$routeMatch->getParam('__API__')) {
+ if (!$routeMatch->getParam('__KEYAUTH__')) {
// This is not an API request.
return;
}
diff --git a/application/src/Mvc/Status.php b/application/src/Mvc/Status.php
index 91548bd5f..75d0c1880 100644
--- a/application/src/Mvc/Status.php
+++ b/application/src/Mvc/Status.php
@@ -22,6 +22,11 @@ class Status
*/
protected $isApiRequest;
+ /**
+ * @var bool
+ */
+ protected $isKeyauthRequest;
+
/**
* @var bool
*/
@@ -105,6 +110,20 @@ public function isApiRequest()
return $this->isApiRequest;
}
+ /**
+ * Check whether the current HTTP request requires key authentication (api).
+ *
+ * @return bool
+ */
+ public function isKeyauthRequest()
+ {
+ if (isset($this->isKeyauthRequest)) {
+ return $this->isKeyauthRequest;
+ }
+ $this->isKeyauthRequest = (bool) $this->getRouteParam('__KEYAUTH__');
+ return $this->isKeyauthRequest;
+ }
+
/**
* Check whether the current HTTP request is an admin request.
*
diff --git a/application/src/Service/AuthenticationServiceFactory.php b/application/src/Service/AuthenticationServiceFactory.php
index 2088b3dba..1c4b3b2aa 100644
--- a/application/src/Service/AuthenticationServiceFactory.php
+++ b/application/src/Service/AuthenticationServiceFactory.php
@@ -36,8 +36,8 @@ public function __invoke(ContainerInterface $serviceLocator, $requestedName, arr
});
} else {
$userRepository = $entityManager->getRepository('Omeka\Entity\User');
- if ($status->isApiRequest()) {
- // Authenticate using key for API requests.
+ if ($status->isKeyauthRequest()) {
+ // Authenticate using key for requests that require key authentication.
$keyRepository = $entityManager->getRepository('Omeka\Entity\ApiKey');
$storage = new DoctrineWrapper(new NonPersistent, $userRepository);
$adapter = new KeyAdapter($keyRepository, $entityManager);