apache_request_headers drop-in function for PHP as FPM

apache_request_headers.php

<?php
// Drop-in replacement for apache_request_headers() when it's not available

if ( ! function_exists( 'apache_request_headers' ) ) {
	function apache_request_headers() {
		static $arrHttpHeaders;
		if ( ! $arrHttpHeaders ) {

			// Based on: http://www.iana.org/assignments/message-headers/message-headers.xml#perm-headers
			$arrCasedHeaders = array(
				// HTTP
				'Dasl'             => 'DASL',
				'Dav'              => 'DAV',
				'Etag'             => 'ETag',
				'Mime-Version'     => 'MIME-Version',
				'Slug'             => 'SLUG',
				'Te'               => 'TE',
				'Www-Authenticate' => 'WWW-Authenticate',
				// MIME
				'Content-Md5'      => 'Content-MD5',
				'Content-Id'       => 'Content-ID',
				'Content-Features' => 'Content-features',
			);
			$arrHttpHeaders  = array();

			foreach ( $_SERVER as $strKey => $mixValue ) {
				if ( 'HTTP_' !== substr( $strKey, 0, 5 ) ) {
					continue;
				}

				$strHeaderKey = strtolower( substr( $strKey, 5 ) );

				if ( 0 < substr_count( $strHeaderKey, '_' ) ) {
					$arrHeaderKey = explode( '_', $strHeaderKey );
					$arrHeaderKey = array_map( 'ucfirst', $arrHeaderKey );
					$strHeaderKey = implode( '-', $arrHeaderKey );
				} else {
					$strHeaderKey = ucfirst( $strHeaderKey );
				}

				if ( array_key_exists( $strHeaderKey, $arrCasedHeaders ) ) {
					$strHeaderKey = $arrCasedHeaders[ $strHeaderKey ];
				}

				$arrHttpHeaders[ $strHeaderKey ] = $mixValue;
			}

			/** in case you need authorization and your hosting provider has not fixed this for you:
			 * VHOST-Config:
			 * FastCgiExternalServer line needs    -pass-header Authorization
			 *
			 * .htaccess or VHOST-config file needs:
			 * SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
			 * to add the Authorization header to the environment for further processing
			 */
			if ( ! empty( $arrHttpHeaders['Authorization'] ) ) {
				// in case of Authorization, but the values not propagated properly, do so :)
				if ( ! isset( $_SERVER['PHP_AUTH_USER'] ) ) {
					list( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) = explode( ':', base64_decode( substr( $_SERVER['HTTP_AUTHORIZATION'], 6 ) ) );
				}
			}
		}

		return $arrHttpHeaders;
	}

	// execute now so other scripts have little chance to taint the information in $_SERVER
	// the data is cached, so multiple retrievals of the headers will not cause further impact on performance.
	apache_request_headers();
}

@chiragmshah70 I think I may have found your problem.
If I read it correctly, you have altered the code of my gist to read

	// execute now so other scripts have little chance to taint the information in $_SERVER
	// the data is cached, so multiple retrievals of the headers will not cause further impact on performance.
	$headers = apache_request_headers();
} else {
	$headers = apache_request_headers();
}
}

That's not what you should do.

You can embed the code in your own php file, but don't add an "else" class. just use $headers = apache_request_headers(); anywhere in your code., like so;

	// execute now so other scripts have little chance to taint the information in $_SERVER
	// the data is cached, so multiple retrievals of the headers will not cause further impact on performance.
	apache_request_headers();
}
// End of copy-paste code

// ... your own code ...

// Use apache headers like you normally would.
$headers = apache_request_headers();

Also I would suggest not embedding it, but rather download the file to an includes folder and use require_once to load the code.

Furthermore, I don't know what you are trying to do with the Authorization header, with the token, but that seems wrong. The Authorization header is usually something like this;

Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l

The code after Basic is base64 encoded and reads the username followed by a colon and ends with the password; aladdin:opensesame
@see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization#examples

I am aware my code above does not support the Digest Authorization scheme, but there is no authorization scheme matching your code, so I don't think I can help you with that.

@rmpel - Thanks a lot. I refactored the code as suggested above. The authorization string is passed with api call and compared with token to allow API access. The code was breaking and fixed it. now its working. I really appreciate your help. Thanks again.