lib/tdiary/rack/auth/omniauth/authorization.rb in tdiary-5.2.4 vs lib/tdiary/rack/auth/omniauth/authorization.rb in tdiary-5.3.0

- old
+ new

@@ -30,29 +30,29 @@ def login(env)
 STDERR.puts "use #{@provider} authentication strategy"
 req = ::Rack::Request.new(env)
 env['rack.session']['tdiary.auth.redirect'] = "#{req.base_url}#{req.fullpath}"
 redirect = File.join("#{req.base_url}#{req.path}", "#{::OmniAuth.config.path_prefix}/#{@provider}")
- [302, {'Content-Type' => 'text/plain', 'Location' => redirect}, []]
+ [302, {'content-type' => 'text/plain', 'location' => redirect}, []]
 end
 def logout(env)
 env['rack.session']['user_id'] = nil
 end
 def forbidden
- [403, {'Content-Type' => 'text/plain'}, ['forbidden']]
+ [403, {'content-type' => 'text/plain'}, ['forbidden']]
 end
 def callback(env)
 # reset sesstion to prevend session fixation attack
 # see: http://www.ipa.go.jp/security/vuln/documents/website_security.pdf (section 1.4)
 env['rack.session.options'][:renew] = true
 auth = env['omniauth.auth']
 env['rack.session']['auth'] = auth
 env['REMOTE_USER'] = "#{auth.uid}@#{auth.provider}"
 redirect = env['rack.session']['tdiary.auth.redirect'] || '/'
- [302, {'Content-Type' => 'text/plain', 'Location' => redirect}, []]
+ [302, {'content-type' => 'text/plain', 'location' => redirect}, []]
 end
 def authenticate?(env)
 env['omniauth.auth'] || env['rack.session']['auth']
 end
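Review bot: `logout` only sets `env['rack.session']['user_id'] = nil`, while `callback` stores the login under `env['rack.session']['auth']` and `authenticate?` reads that same key, so as far as this hunk shows a logout leaves the session authenticated. Unless the session is torn down elsewhere (the enclosing class and its callers are outside the hunk), `logout` should also drop that key, e.g. `env['rack.session'].delete('auth')`, and could set `env['rack.session.options'][:renew] = true` as `callback` already does. Separately, `callback` dereferences `auth.uid` without checking that `env['omniauth.auth']` is present; a guard such as `return forbidden unless auth` would turn a possible NoMethodError into a clean 403 if the callback path is ever reached without an OmniAuth result.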