diff --git a/lib/classes/JsonApi/Middlewares/Auth/OAuth1Strategy.php b/lib/classes/JsonApi/Middlewares/Auth/OAuth1Strategy.php
deleted file mode 100644
index 113ee09afe62ae429a4ccbe1fedeec75d550e325..0000000000000000000000000000000000000000
--- a/lib/classes/JsonApi/Middlewares/Auth/OAuth1Strategy.php
+++ /dev/null
@@ -1,114 +0,0 @@
-<?php
-
-namespace JsonApi\Middlewares\Auth;
-
-use Psr\Http\Message\ResponseInterface as Response;
-use Psr\Http\Message\ServerRequestInterface as Request;
-
-class OAuth1Strategy implements Strategy
-{
- /** @var callable */
- protected $authenticator;
-
- /** @var Request */
- protected $request;
-
- /** @var ?\User */
- protected $user;
-
- /**
- * @param callable $authenticator
- */
- public function __construct(Request $request, $authenticator)
- {
- $this->request = $request;
- $this->authenticator = $authenticator;
-
- \OAuthStore::instance('PDO', ['conn' => \DBManager::get()]);
- }
-
- public function check()
- {
- return !is_null($this->user());
- }
-
- public function user()
- {
- if (!is_null($this->user)) {
- return $this->user;
- }
-
- $this->user = $this->detect();
-
- return $this->user;
- }
-
- public function addChallenge(Response $response)
- {
- return $response; //->withHeader('WWW-Authenticate', sprintf('Basic realm="%s"', 'Stud.IP JSON-API'));
- }
-
- private function detect(): ?\User
- {
- if (!\OAuthRequestVerifier::requestIsSigned()) {
- return null;
- }
-
- $uri = (string) $this->request->getUri();
- $method = $this->request->getMethod();
-
- if ('GET' === strtoupper(($method))) {
- $parameters = (array) $this->request->getQueryParams();
- } elseif ('POST' === strtoupper(($method))) {
- $parameters = (array) $this->request->getParsedBody();
- } else {
- $parameters = [];
- }
- $parameters = $this->getParamsFromAuthorizationHeader($this->request, $parameters);
-
- $req = new \OAuthRequestVerifier($uri, $method, $parameters);
-
- // Check oauth timestamp and deny access if timestamp is outdated
- if ($req->getParam('oauth_timestamp') < strtotime('-6 hours')) {
- return null;
- }
-
- $result = $req->verifyExtended('access');
-
- $query = 'SELECT user_id FROM api_oauth_user_mapping WHERE oauth_id = ?';
- $statement = \DBManager::get()->prepare($query);
- $statement->execute([$result['user_id']]);
-
- if (!$userId = $statement->fetchColumn()) {
- return null;
- }
-
- /** @var \User */
- return \User::find($userId);
- }
-
- private function getParamsFromAuthorizationHeader(Request $request, array $params): array
- {
- if ($request->hasHeader('Authorization')) {
- $auth = $request->getHeaderLine('Authorization');
- if (0 == strncasecmp($auth, 'OAuth', 4)) {
- foreach (explode(',', substr($auth, 6)) as $v) {
- if (!strpos($v, '=')) {
- continue;
- }
- $v = trim($v);
- list($name, $value) = explode('=', $v, 2);
- if (!empty($value) && '"' == $value[0] && '"' == substr($value, -1)) {
- $value = substr(substr($value, 1), 0, -1);
- }
-
- if (0 != strcasecmp($name, 'realm')) {
- $params[$name] = $value;
- }
- }
- }
- }
-
- return $params;
- }
-}
diff --git a/lib/classes/JsonApi/Middlewares/Authentication.php b/lib/classes/JsonApi/Middlewares/Authentication.php
index b84f6f97d8df57bf5d2fac444baefa20c9d8be54..bbcfef1f0238d5e9a2481d362fd39ca155733f32 100644
--- a/lib/classes/JsonApi/Middlewares/Authentication.php
+++ b/lib/classes/JsonApi/Middlewares/Authentication.php
@@ -107,7 +107,6 @@ class Authentication
 'session' => new Auth\SessionStrategy(),
 'basic' => new Auth\HttpBasicAuthStrategy($request, $this->authenticator),
 'oauth2' => new Auth\OAuth2Strategy($request, $this->authenticator),
- 'oauth1' => new Auth\OAuth1Strategy($request, $this->authenticator),
 ];
 
 foreach ($this->excluded_strategies as $strategy) {