X-Git-Url: https://git-public.kairo.at/?p=authserver.git;a=blobdiff_plain;f=token.php;fp=token.php;h=e934b141bf85ec9b59a8af5c2dfcb71e66597145;hp=e3cf8ffa715081a14136643d597a4cd463da87f1;hb=b21c09334335eab8a5d831a3aaaef1f6f9055d3c;hpb=409b55f4dbb4267e83e8ae2fda56f243ab8be250

diff --git a/token.php b/token.php
index e3cf8ff..e934b14 100644
--- a/token.php
+++ b/token.php
@@ -9,7 +9,14 @@
 // Include the common auth system files (including the OAuth2 Server object).
 require_once(__DIR__.'/authsystem.inc.php');
 
-// Handle a request for an OAuth2.0 Access Token and send the response to the client
-$server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
+$errors = $utils->checkForSecureConnection();
 
+if (!count($errors)) {
+  // Handle a request for an OAuth2.0 Access Token and send the response to the client
+  $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
+}
+else {
+  print(json_encode(array('error' => 'insecure_connection',
+                          'error_description' => 'Your connection is insecure. Token requests can only be made on secure connections.')));
+}
 ?>