From decfc2f14bae10cbbcb373bc5554369142af2efa Mon Sep 17 00:00:00 2001
From: David Rothstein <drothstein@gmail.com>
Date: Sat, 5 Apr 2014 19:55:33 -0400
Subject: [PATCH] Issue #2157017 by sun, rfay: DrupalHTTPRequestTestCase breaks
 on php-fpm [testbot PHP 5.4 blocker].

---
 modules/simpletest/tests/common.test        |  4 ++--
 modules/simpletest/tests/system_test.module | 19 +++++++++++++++++--
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/modules/simpletest/tests/common.test b/modules/simpletest/tests/common.test
index 44eecdcedab9..25d5c87312c2 100644
--- a/modules/simpletest/tests/common.test
+++ b/modules/simpletest/tests/common.test
@@ -1022,8 +1022,8 @@ class DrupalHTTPRequestTestCase extends DrupalWebTestCase {
     $result = drupal_http_request($auth);
 
     $this->drupalSetContent($result->data);
-    $this->assertRaw($username, '$_SERVER["PHP_AUTH_USER"] is passed correctly.');
-    $this->assertRaw($password, '$_SERVER["PHP_AUTH_PW"] is passed correctly.');
+    $this->assertRaw($username, 'Username is passed correctly.');
+    $this->assertRaw($password, 'Password is passed correctly.');
   }
 
   function testDrupalHTTPRequestRedirect() {
diff --git a/modules/simpletest/tests/system_test.module b/modules/simpletest/tests/system_test.module
index 8cb0e837fb97..2eda351e9a84 100644
--- a/modules/simpletest/tests/system_test.module
+++ b/modules/simpletest/tests/system_test.module
@@ -114,8 +114,23 @@ function system_test_sleep($seconds) {
 }
 
 function system_test_basic_auth_page() {
-  $output = t('$_SERVER[\'PHP_AUTH_USER\'] is @username.', array('@username' => $_SERVER['PHP_AUTH_USER']));
-  $output .= t('$_SERVER[\'PHP_AUTH_PW\'] is @password.', array('@password' => $_SERVER['PHP_AUTH_PW']));
+  // The Authorization HTTP header is forwarded via Drupal's .htaccess file even
+  // for PHP CGI SAPIs.
+  if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
+    $authorization_header = $_SERVER['HTTP_AUTHORIZATION'];
+  }
+  // If using CGI on Apache with mod_rewrite, the forwarded HTTP header appears
+  // in the redirected HTTP headers. See
+  // https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/ServerBag.php#L61
+  elseif (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
+    $authorization_header = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
+  }
+  // Resemble PHP_AUTH_USER and PHP_AUTH_PW for a Basic authentication from
+  // the HTTP_AUTHORIZATION header. See
+  // http://www.php.net/manual/features.http-auth.php
+  list($user, $pw) = explode(':', base64_decode(substr($authorization_header, 6)));
+  $output = t('Username is @username.', array('@username' => $user));
+  $output .= t('Password is @password.', array('@password' => $pw));
   return $output;
 }
 
-- 
GitLab