<?php
/**
* Copyright © 2015 Magento. All rights reserved.
* See COPYING.txt for license details.
*/
namespace Magento\Framework\HTTP;
/**
* Library for working with HTTP authentication
*/
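class Authentication
{
    /**
     * Request object
     *
     * @var \Magento\Framework\App\RequestInterface
     */
    protected $request;

    /**
     * Response object
     *
     * @var \Magento\Framework\App\ResponseInterface
     */
    protected $response;

    /**
     * @param \Magento\Framework\App\RequestInterface $httpRequest
     * @param \Magento\Framework\App\ResponseInterface $httpResponse
     */
    public function __construct(
        \Magento\Framework\App\RequestInterface $httpRequest,
        \Magento\Framework\App\ResponseInterface $httpResponse
    ) {
        $this->request = $httpRequest;
        $this->response = $httpResponse;
    }

    /**
     * Extract "login" and "password" credentials from HTTP-request
     *
     * Returns plain array with 2 items: login and password respectively.
     * Both items are empty strings when the request carries no usable Basic
     * credentials (no header, a non-Basic scheme, invalid base64, or a decoded
     * value without a ":" separator).
     *
     * The returned password is the client's cleartext secret: Basic
     * authentication only base64-encodes it, so callers should require TLS,
     * keep the value out of logs, and compare it with a constant-time check
     * such as hash_equals().
     *
     * @return array
     */
    public function getCredentials()
    {
        $server = $this->request->getServerValue();

        // Some server setups expose the header under a prefixed key, so any
        // non-empty key ending in HTTP_AUTHORIZATION is accepted as a fallback.
        if (empty($server['HTTP_AUTHORIZATION'])) {
            foreach ($server as $key => $value) {
                if (substr((string)$key, -18) === 'HTTP_AUTHORIZATION' && !empty($value)) {
                    $server['HTTP_AUTHORIZATION'] = $value;
                    break;
                }
            }
        }

        // Values already split by PHP take precedence over the raw header.
        if (isset($server['PHP_AUTH_USER']) && isset($server['PHP_AUTH_PW'])) {
            return [$server['PHP_AUTH_USER'], $server['PHP_AUTH_PW']];
        }

        /**
         * IIS Note: for HTTP authentication to work with IIS,
         * the PHP directive cgi.rfc2616_headers must be set to 0 (the default value).
         */
        if (!empty($server['HTTP_AUTHORIZATION'])) {
            return $this->parseBasicHeader($server['HTTP_AUTHORIZATION']);
        }
        if (!empty($server['Authorization'])) {
            return $this->parseBasicHeader($server['Authorization']);
        }

        return ['', ''];
    }

    /**
     * Set "auth failed" headers to the specified response object
     *
     * The realm is written into a quoted-string header parameter, so control
     * characters (including CR/LF) are dropped and '"' and '\' are escaped.
     * The response implementation is not visible from this class, so it is
     * not relied upon to reject a realm that would split or break the header.
     *
     * @param string $realm
     * @return void
     */
    public function setAuthenticationFailed($realm)
    {
        // Strip control bytes first, then escape the quoted-string delimiters.
        $safeRealm = addcslashes(
            (string)preg_replace('/[\x00-\x1F\x7F]/', '', (string)$realm),
            '"\\'
        );

        $this->response->setStatusHeader(401, '1.1', 'Unauthorized');
        $this->response->setHeader(
            'WWW-Authenticate',
            'Basic realm="' . $safeRealm . '"'
        )->setBody(
            '<h1>401 Unauthorized</h1>'
        );
    }

    /**
     * Decode the value of an "Authorization: Basic ..." header
     *
     * Returns [login, password], or two empty strings when the value is not a
     * well-formed Basic credential.
     *
     * @param mixed $header Raw header value taken from the server array
     * @return array
     */
    private function parseBasicHeader($header)
    {
        $none = ['', ''];
        if (!is_string($header)) {
            return $none;
        }

        // Only the Basic scheme carries "login:password"; the scheme name is
        // matched case-insensitively. Other schemes (e.g. Bearer) are ignored
        // instead of having their token decoded as if it were credentials.
        $header = trim($header);
        if (strncasecmp($header, 'Basic ', 6) !== 0) {
            return $none;
        }

        // Strict mode rejects input containing non-base64 characters.
        $decoded = base64_decode(trim(substr($header, 6)), true);
        if ($decoded === false) {
            return $none;
        }

        // Split on the FIRST colon only: the password itself may contain ':'.
        $parts = explode(':', $decoded, 2);
        if (count($parts) !== 2) {
            return $none;
        }

        return $parts;
    }
}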