diff options
Diffstat (limited to 'vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php')
-rw-r--r-- | vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php new file mode 100644 index 000000000..14993a014 --- /dev/null +++ b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php @@ -0,0 +1,101 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; + +use Sabre\HTTP; +use Sabre\DAV; + +/** + * HTTP Digest authentication backend class + * + * This class can be used by authentication objects wishing to use HTTP Digest + * Most of the digest logic is handled, implementors just need to worry about + * the getDigestHash method + * + * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/). + * @author Evert Pot (http://evertpot.com/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +abstract class AbstractDigest implements BackendInterface { + + /** + * This variable holds the currently logged in username. + * + * @var array|null + */ + protected $currentUser; + + /** + * Returns a users digest hash based on the username and realm. + * + * If the user was not known, null must be returned. + * + * @param string $realm + * @param string $username + * @return string|null + */ + abstract public function getDigestHash($realm, $username); + + /** + * Authenticates the user based on the current request. + * + * If authentication is successful, true must be returned. + * If authentication fails, an exception must be thrown. + * + * @param DAV\Server $server + * @param string $realm + * @throws DAV\Exception\NotAuthenticated + * @return bool + */ + public function authenticate(DAV\Server $server, $realm) { + + $digest = new HTTP\DigestAuth(); + + // Hooking up request and response objects + $digest->setHTTPRequest($server->httpRequest); + $digest->setHTTPResponse($server->httpResponse); + + $digest->setRealm($realm); + $digest->init(); + + $username = $digest->getUsername(); + + // No username was given + if (!$username) { + $digest->requireLogin(); + throw new DAV\Exception\NotAuthenticated('No digest authentication headers were found'); + } + + $hash = $this->getDigestHash($realm, $username); + // If this was false, the user account didn't exist + if ($hash===false || is_null($hash)) { + $digest->requireLogin(); + throw new DAV\Exception\NotAuthenticated('The supplied username was not on file'); + } + if (!is_string($hash)) { + throw new DAV\Exception('The returned value from getDigestHash must be a string or null'); + } + + // If this was false, the password or part of the hash was incorrect. + if (!$digest->validateA1($hash)) { + $digest->requireLogin(); + throw new DAV\Exception\NotAuthenticated('Incorrect username'); + } + + $this->currentUser = $username; + return true; + + } + + /** + * Returns the currently logged in username. + * + * @return string|null + */ + public function getCurrentUser() { + + return $this->currentUser; + + } + +} |