diff options
Diffstat (limited to 'vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend')
6 files changed, 429 insertions, 0 deletions
diff --git a/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractBasic.php b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractBasic.php new file mode 100644 index 000000000..daa8bd8ad --- /dev/null +++ b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractBasic.php @@ -0,0 +1,87 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; + +use Sabre\DAV; +use Sabre\HTTP; + +/** + * HTTP Basic authentication backend class + * + * This class can be used by authentication objects wishing to use HTTP Basic + * Most of the digest logic is handled, implementors just need to worry about + * the validateUserPass method. + * + * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/). + * @author James David Low (http://jameslow.com/) + * @author Evert Pot (http://evertpot.com/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +abstract class AbstractBasic implements BackendInterface { + + /** + * This variable holds the currently logged in username. + * + * @var string|null + */ + protected $currentUser; + + /** + * Validates a username and password + * + * This method should return true or false depending on if login + * succeeded. + * + * @param string $username + * @param string $password + * @return bool + */ + abstract protected function validateUserPass($username, $password); + + /** + * Returns information about the currently logged in username. + * + * If nobody is currently logged in, this method should return null. + * + * @return string|null + */ + public function getCurrentUser() { + return $this->currentUser; + } + + + /** + * Authenticates the user based on the current request. + * + * If authentication is successful, true must be returned. + * If authentication fails, an exception must be thrown. + * + * @param DAV\Server $server + * @param string $realm + * @throws DAV\Exception\NotAuthenticated + * @return bool + */ + public function authenticate(DAV\Server $server, $realm) { + + $auth = new HTTP\BasicAuth(); + $auth->setHTTPRequest($server->httpRequest); + $auth->setHTTPResponse($server->httpResponse); + $auth->setRealm($realm); + $userpass = $auth->getUserPass(); + if (!$userpass) { + $auth->requireLogin(); + throw new DAV\Exception\NotAuthenticated('No basic authentication headers were found'); + } + + // Authenticates the user + if (!$this->validateUserPass($userpass[0],$userpass[1])) { + $auth->requireLogin(); + throw new DAV\Exception\NotAuthenticated('Username or password does not match'); + } + $this->currentUser = $userpass[0]; + return true; + } + + +} + diff --git a/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php new file mode 100644 index 000000000..14993a014 --- /dev/null +++ b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/AbstractDigest.php @@ -0,0 +1,101 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; + +use Sabre\HTTP; +use Sabre\DAV; + +/** + * HTTP Digest authentication backend class + * + * This class can be used by authentication objects wishing to use HTTP Digest + * Most of the digest logic is handled, implementors just need to worry about + * the getDigestHash method + * + * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/). + * @author Evert Pot (http://evertpot.com/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +abstract class AbstractDigest implements BackendInterface { + + /** + * This variable holds the currently logged in username. + * + * @var array|null + */ + protected $currentUser; + + /** + * Returns a users digest hash based on the username and realm. + * + * If the user was not known, null must be returned. + * + * @param string $realm + * @param string $username + * @return string|null + */ + abstract public function getDigestHash($realm, $username); + + /** + * Authenticates the user based on the current request. + * + * If authentication is successful, true must be returned. + * If authentication fails, an exception must be thrown. + * + * @param DAV\Server $server + * @param string $realm + * @throws DAV\Exception\NotAuthenticated + * @return bool + */ + public function authenticate(DAV\Server $server, $realm) { + + $digest = new HTTP\DigestAuth(); + + // Hooking up request and response objects + $digest->setHTTPRequest($server->httpRequest); + $digest->setHTTPResponse($server->httpResponse); + + $digest->setRealm($realm); + $digest->init(); + + $username = $digest->getUsername(); + + // No username was given + if (!$username) { + $digest->requireLogin(); + throw new DAV\Exception\NotAuthenticated('No digest authentication headers were found'); + } + + $hash = $this->getDigestHash($realm, $username); + // If this was false, the user account didn't exist + if ($hash===false || is_null($hash)) { + $digest->requireLogin(); + throw new DAV\Exception\NotAuthenticated('The supplied username was not on file'); + } + if (!is_string($hash)) { + throw new DAV\Exception('The returned value from getDigestHash must be a string or null'); + } + + // If this was false, the password or part of the hash was incorrect. + if (!$digest->validateA1($hash)) { + $digest->requireLogin(); + throw new DAV\Exception\NotAuthenticated('Incorrect username'); + } + + $this->currentUser = $username; + return true; + + } + + /** + * Returns the currently logged in username. + * + * @return string|null + */ + public function getCurrentUser() { + + return $this->currentUser; + + } + +} diff --git a/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/Apache.php b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/Apache.php new file mode 100644 index 000000000..bdde16716 --- /dev/null +++ b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/Apache.php @@ -0,0 +1,63 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; +use Sabre\DAV; + +/** + * Apache authenticator + * + * This authentication backend assumes that authentication has been + * configured in apache, rather than within SabreDAV. + * + * Make sure apache is properly configured for this to work. + * + * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/). + * @author Evert Pot (http://evertpot.com/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +class Apache implements BackendInterface { + + /** + * Current apache user + * + * @var string + */ + protected $remoteUser; + + /** + * Authenticates the user based on the current request. + * + * If authentication is successful, true must be returned. + * If authentication fails, an exception must be thrown. + * + * @param DAV\Server $server + * @param string $realm + * @return bool + */ + public function authenticate(DAV\Server $server, $realm) { + + $remoteUser = $server->httpRequest->getRawServerValue('REMOTE_USER'); + if (is_null($remoteUser)) { + throw new DAV\Exception('We did not receive the $_SERVER[REMOTE_USER] property. This means that apache might have been misconfigured'); + } + + $this->remoteUser = $remoteUser; + return true; + + } + + /** + * Returns information about the currently logged in user. + * + * If nobody is currently logged in, this method should return null. + * + * @return array|null + */ + public function getCurrentUser() { + + return $this->remoteUser; + + } + +} + diff --git a/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/BackendInterface.php b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/BackendInterface.php new file mode 100644 index 000000000..140adaa2e --- /dev/null +++ b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/BackendInterface.php @@ -0,0 +1,36 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; + +/** + * This is the base class for any authentication object. + * + * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/). + * @author Evert Pot (http://evertpot.com/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +interface BackendInterface { + + /** + * Authenticates the user based on the current request. + * + * If authentication is successful, true must be returned. + * If authentication fails, an exception must be thrown. + * + * @param \Sabre\DAV\Server $server + * @param string $realm + * @return bool + */ + function authenticate(\Sabre\DAV\Server $server,$realm); + + /** + * Returns information about the currently logged in username. + * + * If nobody is currently logged in, this method should return null. + * + * @return string|null + */ + function getCurrentUser(); + +} + diff --git a/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/File.php b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/File.php new file mode 100644 index 000000000..c325b1e5b --- /dev/null +++ b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/File.php @@ -0,0 +1,77 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; + +use Sabre\DAV; + +/** + * This is an authentication backend that uses a file to manage passwords. + * + * The backend file must conform to Apache's htdigest format + * + * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/). + * @author Evert Pot (http://evertpot.com/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +class File extends AbstractDigest { + + /** + * List of users + * + * @var array + */ + protected $users = array(); + + /** + * Creates the backend object. + * + * If the filename argument is passed in, it will parse out the specified file fist. + * + * @param string|null $filename + */ + public function __construct($filename=null) { + + if (!is_null($filename)) + $this->loadFile($filename); + + } + + /** + * Loads an htdigest-formatted file. This method can be called multiple times if + * more than 1 file is used. + * + * @param string $filename + * @return void + */ + public function loadFile($filename) { + + foreach(file($filename,FILE_IGNORE_NEW_LINES) as $line) { + + if (substr_count($line, ":") !== 2) + throw new DAV\Exception('Malformed htdigest file. Every line should contain 2 colons'); + + list($username,$realm,$A1) = explode(':',$line); + + if (!preg_match('/^[a-zA-Z0-9]{32}$/', $A1)) + throw new DAV\Exception('Malformed htdigest file. Invalid md5 hash'); + + $this->users[$realm . ':' . $username] = $A1; + + } + + } + + /** + * Returns a users' information + * + * @param string $realm + * @param string $username + * @return string + */ + public function getDigestHash($realm, $username) { + + return isset($this->users[$realm . ':' . $username])?$this->users[$realm . ':' . $username]:false; + + } + +} diff --git a/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/PDO.php b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/PDO.php new file mode 100644 index 000000000..1bc6699b7 --- /dev/null +++ b/vendor/sabre/dav/lib/Sabre/DAV/Auth/Backend/PDO.php @@ -0,0 +1,65 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; + +/** + * This is an authentication backend that uses a file to manage passwords. + * + * The backend file must conform to Apache's htdigest format + * + * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/). + * @author Evert Pot (http://evertpot.com/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +class PDO extends AbstractDigest { + + /** + * Reference to PDO connection + * + * @var PDO + */ + protected $pdo; + + /** + * PDO table name we'll be using + * + * @var string + */ + protected $tableName; + + + /** + * Creates the backend object. + * + * If the filename argument is passed in, it will parse out the specified file fist. + * + * @param PDO $pdo + * @param string $tableName The PDO table name to use + */ + public function __construct(\PDO $pdo, $tableName = 'users') { + + $this->pdo = $pdo; + $this->tableName = $tableName; + + } + + /** + * Returns the digest hash for a user. + * + * @param string $realm + * @param string $username + * @return string|null + */ + public function getDigestHash($realm,$username) { + + $stmt = $this->pdo->prepare('SELECT username, digesta1 FROM '.$this->tableName.' WHERE username = ?'); + $stmt->execute(array($username)); + $result = $stmt->fetchAll(); + + if (!count($result)) return; + + return $result[0]['digesta1']; + + } + +} |