ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
AbstractDigest.php
Go to the documentation of this file.
1<?php
2
3namespace Sabre\DAV\Auth\Backend;
4
5use Sabre\DAV;
6use Sabre\HTTP;
7use Sabre\HTTP\RequestInterface;
8use Sabre\HTTP\ResponseInterface;
9
21abstract class AbstractDigest implements BackendInterface {
22
31 protected $realm = 'SabreDAV';
32
38 protected $principalPrefix = 'principals/';
39
50 function setRealm($realm) {
51
52 $this->realm = $realm;
53
54 }
55
65 abstract function getDigestHash($realm, $username);
66
95 function check(RequestInterface $request, ResponseInterface $response) {
96
97 $digest = new HTTP\Auth\Digest(
98 $this->realm,
99 $request,
100 $response
101 );
102 $digest->init();
103
104 $username = $digest->getUsername();
105
106 // No username was given
107 if (!$username) {
108 return [false, "No 'Authorization: Digest' header found. Either the client didn't send one, or the server is misconfigured"];
109 }
110
111 $hash = $this->getDigestHash($this->realm, $username);
112 // If this was false, the user account didn't exist
113 if ($hash === false || is_null($hash)) {
114 return [false, "Username or password was incorrect"];
115 }
116 if (!is_string($hash)) {
117 throw new DAV\Exception('The returned value from getDigestHash must be a string or null');
118 }
119
120 // If this was false, the password or part of the hash was incorrect.
121 if (!$digest->validateA1($hash)) {
122 return [false, "Username or password was incorrect"];
123 }
124
125 return [true, $this->principalPrefix . $username];
126
127 }
128
150 function challenge(RequestInterface $request, ResponseInterface $response) {
151
152 $auth = new HTTP\Auth\Digest(
153 $this->realm,
154 $request,
155 $response
156 );
157 $auth->init();
158
159 $oldStatus = $response->getStatus() ?: 200;
160 $auth->requireLogin();
161
162 // Preventing the digest utility from modifying the http status code,
163 // this should be handled by the main plugin.
164 $response->setStatus($oldStatus);
165
166 }
167
168}
$request
foreach($paths as $path) $request
Definition: asyncclient.php:32
php
An exception for terminatinating execution or to throw for unit testing.
Sabre\DAV\Auth\Backend\AbstractDigest
HTTP Digest authentication backend class.
Definition: AbstractDigest.php:21
Sabre\DAV\Auth\Backend\AbstractDigest\getDigestHash
getDigestHash($realm, $username)
Returns a users digest hash based on the username and realm.
Sabre\DAV\Auth\Backend\AbstractDigest\setRealm
setRealm($realm)
Sets the authentication realm for this backend.
Definition: AbstractDigest.php:50
Sabre\DAV\Auth\Backend\AbstractDigest\check
check(RequestInterface $request, ResponseInterface $response)
When this method is called, the backend must check if authentication was successful.
Definition: AbstractDigest.php:95
Sabre\DAV\Auth\Backend\AbstractDigest\challenge
challenge(RequestInterface $request, ResponseInterface $response)
This method is called when a user could not be authenticated, and authentication was required for the...
Definition: AbstractDigest.php:150
Sabre\DAV\Exception
Main Exception class.
Definition: Exception.php:18
Sabre\HTTP\Auth\Digest
HTTP Digest Authentication handler.
Definition: Digest.php:30
$auth
$auth
Definition: fileserver.php:48
Sabre\DAV\Auth\Backend\BackendInterface
This is the base class for any authentication object.
Definition: BackendInterface.php:15
Sabre\HTTP\RequestInterface
The RequestInterface represents a HTTP request.
Definition: RequestInterface.php:12
Sabre\HTTP\ResponseInterface
This interface represents a HTTP response.
Definition: ResponseInterface.php:12
$response
$response
Definition: proxy_ylocal.php:39