Auth/Adapter/Http.php
Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled
with this package in the file LICENSE.txt.
It is also available through the world-wide-web at this URL:
http://framework.zend.com/license/new-bsd
If you did not receive a copy of the license and are unable to
obtain it through the world-wide-web, please send an email
to
[email protected] so we can send you a copy immediately.
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Package
- Zend_Auth
- Subpackage
- Zend_Auth_Adapter_Http
- Version
- $Id$
\Zend_Auth_Adapter_Http
Package: Zend_Auth\Zend_Auth_Adapter_HttpHTTP Authentication Adapter
Implements a pretty good chunk of RFC 2617.
- Implements
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Todo
- Support auth-int
- Todo
- Track nonces, nonce-count, opaque for replay protection and stale support
- Todo
- Support Authentication-Info header
Properties
array $_supportedAlgos = array('MD5')
List of the supported digest algorithms. I want to support both MD5 and
MD5-sess, but MD5-sess won't make it into the first version.
Default valuearray('MD5')
Details- Type
- array
array $_supportedQops = array('auth')
List of supported qop options. My intetion is to support both 'auth' and
'auth-int', but 'auth-int' won't make it into the first version.
Default valuearray('auth')
Details- Type
- array
array $_supportedSchemes = array('basic', 'digest')
List of authentication schemes supported by this class
Default valuearray('basic', 'digest')
Details- Type
- array
Methods
__construct(array $config) : void
ParametersName | Type | Description |
---|
$config | array | Configuration settings:
'accept_schemes' => 'basic'|'digest'|'basic digest'
'realm' =>
'digest_domains' => Space-delimited list of URIs
'nonce_timeout' =>
'use_opaque' => Whether to send the opaque value in the header
'alogrithm' => See $_supportedAlgos. Default: MD5
'proxy_auth' => Whether to do authentication as a Proxy |
---|
Throws _basicAuth(string $header) : \Zend_Auth_Result
ParametersName | Type | Description |
---|
$header | string | Client's Authorization header |
---|
ReturnsThrows _digestAuth(string $header) : \Zend_Auth_Result
ParametersName | Type | Description |
---|
$header | string | Client's Authorization header |
---|
ReturnsThrows _parseDigestAuth(string $header) : array | false
Parse Digest Authorization header
ParametersName | Type | Description |
---|
$header | string | Client's Authorization: HTTP header |
---|
ReturnsType | Description |
---|
array | false | Data elements from header, or false if any part of
the header is invalid |
_secureStringCompare(string $a, string $b) : bool
Securely compare two strings for equality while avoided C level memcmp()
optimisations capable of leaking timing information useful to an attacker
attempting to iteratively guess the unknown string (e.g. password) being
compared against.
ParametersName | Type | Description |
---|
$a | string | |
---|
$b | string | |
---|
Returns