Auth/Adapter/Http.php

Zend Framework
LICENSE This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to [email protected] so we can send you a copy immediately.
Category: Zend
Copyright: Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
License: New BSD License
Package: Zend_Auth
Subpackage: Zend_Auth_Adapter_Http
Version: $Id$

\Zend_Auth_Adapter_Http

Package: Zend_Auth\Zend_Auth_Adapter_Http
HTTP Authentication Adapter
Implements a pretty good chunk of RFC 2617.
Implements
Todo: Support auth-int
Todo: Track nonces, nonce-count, opaque for replay protection and stale support
Todo: Support Authentication-Info header

Properties

protected array $_acceptSchemes
List of schemes this class will accept from the client
Type: array

protected string $_algo
The actual algorithm to use. Defaults to MD5
Type: string

protected \Zend_Auth_Adapter_Http_Resolver_Interface $_basicResolver
Object that looks up user credentials for the Basic scheme

protected \Zend_Auth_Adapter_Http_Resolver_Interface $_digestResolver
Object that looks up user credentials for the Digest scheme

protected string $_domains
Space-delimited list of protected domains for Digest Auth
Type: string

protected boolean $_ieNoOpaque
Flag indicating the client is IE and didn't bother to return the opaque string
Type: boolean

protected boolean $_imaProxy
Whether or not to do Proxy Authentication instead of origin server authentication (send 407's instead of 401's). Off by default.
Type: boolean

protected integer $_nonceTimeout
Nonce timeout period
Type: integer

protected string $_realm
The protection realm to use
Type: string

protected \Zend_Controller_Request_Http $_request
Reference to the HTTP Request object

protected \Zend_Controller_Response_Http $_response
Reference to the HTTP Response object

protected array $_supportedAlgos = array('MD5')
List of the supported digest algorithms. I want to support both MD5 and MD5-sess, but MD5-sess won't make it into the first version.
Default value: array('MD5')
Type: array

protected array $_supportedQops = array('auth')
List of supported qop options. My intention is to support both 'auth' and 'auth-int', but 'auth-int' won't make it into the first version.
Default value: array('auth')
Type: array

protected array $_supportedSchemes = array('basic', 'digest')
List of authentication schemes supported by this class
Default value: array('basic', 'digest')
Type: array

protected boolean $_useOpaque
Whether to send the opaque value in the header. True by default
Type: boolean

Methods

public __construct(array $config) : void

Constructor

Parameters
$config (array): Configuration settings:
    'accept_schemes' => 'basic'|'digest'|'basic digest'
    'realm' =>
    'digest_domains' => Space-delimited list of URIs
    'nonce_timeout' =>
    'use_opaque' => Whether to send the opaque value in the header
    'algorithm' => See $_supportedAlgos. Default: MD5
    'proxy_auth' => Whether to do authentication as a Proxy

Throws
\Zend_Auth_Adapter_Exception

protected _basicAuth(string $header) : \Zend_Auth_Result

Basic Authentication

Parameters
$header (string): Client's Authorization header

Returns
\Zend_Auth_Result

Throws
\Zend_Auth_Adapter_Exception

protected _basicHeader() : string

Basic Header

Generates a Proxy- or WWW-Authenticate header value in the Basic authentication scheme.

Returns
string: Authenticate header value

protected _calcNonce() : string

Calculate Nonce

Returns
string: The nonce value

protected _calcOpaque() : string

Calculate Opaque

The opaque string can be anything; the client must return it exactly as it was sent. It may be useful to store data in this string in some applications. Ideally, a new value for this would be generated each time a WWW-Authenticate header is sent (in order to reduce predictability), but we would have to be able to create the same exact value across at least two separate requests from the same client.

Returns
string: The opaque value

protected _challengeClient() : \Zend_Auth_Result

Challenge Client

Sets a 401 or 407 Unauthorized response code, and creates the appropriate Authenticate header(s) to prompt for credentials.

Returns
\Zend_Auth_Result: Always returns a non-identity Auth result

protected _digestAuth(string $header) : \Zend_Auth_Result

Digest Authentication

Parameters
$header (string): Client's Authorization header

Returns
\Zend_Auth_Result: Valid auth result only on successful auth

Throws
\Zend_Auth_Adapter_Exception

protected _digestHeader() : string

Digest Header

Generates a Proxy- or WWW-Authenticate header value in the Digest authentication scheme.

Returns
string: Authenticate header value

protected _parseDigestAuth(string $header) : array | false

Parse Digest Authorization header

Parameters
$header (string): Client's Authorization: HTTP header

Returns
array | false: Data elements from header, or false if any part of the header is invalid

protected _secureStringCompare(string $a, string $b) : bool

Securely compare two strings for equality while avoiding C-level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g. password) being compared against.

Parameters
$a (string)
$b (string)

Returns
bool
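
The comparison described for _secureStringCompare(), shown as an added example that is not Zend Framework's own code: a constant-time equality check applied to an RFC 2617 Digest response for algorithm MD5 and qop 'auth', the combination this adapter supports. The function names constantTimeEquals() and digestResponse() are hypothetical, and the sample credentials are those of the worked example in RFC 2617.

```php
<?php
// Added example; function names are hypothetical, not Zend Framework API.

/** Compare two strings without stopping at the first differing byte. */
function constantTimeEquals($known, $supplied)
{
    if (function_exists('hash_equals')) {          // built in since PHP 5.6
        return hash_equals($known, $supplied);
    }
    // Fallback: fold the length difference and every byte difference into
    // $diff, so the loop runs the same number of steps wherever they differ.
    $diff = strlen($known) ^ strlen($supplied);
    $len  = min(strlen($known), strlen($supplied));
    for ($i = 0; $i < $len; $i++) {
        $diff |= ord($known[$i]) ^ ord($supplied[$i]);
    }
    return $diff === 0;
}

/** RFC 2617 request-digest for algorithm=MD5, qop=auth. */
function digestResponse($user, $realm, $password, $method, $uri, $nonce, $nc, $cnonce)
{
    $ha1 = md5($user . ':' . $realm . ':' . $password);
    $ha2 = md5($method . ':' . $uri);
    return md5(implode(':', array($ha1, $nonce, $nc, $cnonce, 'auth', $ha2)));
}

// Sample values taken from the worked example in RFC 2617, section 3.5.
$expected = digestResponse(
    'Mufasa', 'testrealm@host.com', 'Circle Of Life',
    'GET', '/dir/index.html',
    'dcd98b7102dd2f0e8b11d0f600bfb0c093', '00000001', '0a4f113b'
);
$fromClient = '6629fae49393a05397450978507c4ef1';   // response= value in the RFC example
$tampered   = '6629fae49393a05397450978507c4ef0';   // constructed: last digit altered

var_dump(constantTimeEquals($expected, $fromClient));
var_dump(constantTimeEquals($expected, $tampered));
```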

public authenticate() : \Zend_Auth_Result

Authenticate

Returns
\Zend_Auth_Result

Throws
\Zend_Auth_Adapter_Exception

public getBasicResolver() : \Zend_Auth_Adapter_Http_Resolver_Interface

Getter for the _basicResolver property

public getDigestResolver() : \Zend_Auth_Adapter_Http_Resolver_Interface

Getter for the _digestResolver property

public getRequest() : \Zend_Controller_Request_Http

Getter for the Request object

Returns
\Zend_Controller_Request_Http

public getResponse() : \Zend_Controller_Response_Http

Getter for the Response object

Returns
\Zend_Controller_Response_Http

public setBasicResolver(\Zend_Auth_Adapter_Http_Resolver_Interface $resolver) : \Zend_Auth_Adapter_Http

Setter for the _basicResolver property

Parameters
$resolver (\Zend_Auth_Adapter_Http_Resolver_Interface)

Returns
\Zend_Auth_Adapter_Http: Provides a fluent interface

public setDigestResolver(\Zend_Auth_Adapter_Http_Resolver_Interface $resolver) : \Zend_Auth_Adapter_Http

Setter for the _digestResolver property

Parameters
$resolver (\Zend_Auth_Adapter_Http_Resolver_Interface)

Returns
\Zend_Auth_Adapter_Http: Provides a fluent interface

public setRequest(\Zend_Controller_Request_Http $request) : \Zend_Auth_Adapter_Http

Setter for the Request object

Parameters
$request (\Zend_Controller_Request_Http)

Returns
\Zend_Auth_Adapter_Http: Provides a fluent interface

public setResponse(\Zend_Controller_Response_Http $response) : \Zend_Auth_Adapter_Http

Setter for the Response object

Parameters
$response (\Zend_Controller_Response_Http)

Returns
\Zend_Auth_Adapter_Http: Provides a fluent interface

Documentation was generated by phpDocumentor 2.2.0.