Plugin.php

Go to the documentation of this file.

<?php

namespace Sabre\DAV\Auth;

use Sabre\DAV\Exception\NotAuthenticated;
use Sabre\DAV\Server;
use Sabre\DAV\ServerPlugin;
use Sabre\HTTP\RequestInterface;
use Sabre\HTTP\ResponseInterface;

class Plugin extends ServerPlugin {

    public $autoRequireLogin = true;

    protected $backends;

    protected $currentPrincipal;

    function __construct(Backend\BackendInterface $authBackend = null) {

        if (!is_null($authBackend)) {
            $this->addBackend($authBackend);
        }

    }

    function addBackend(Backend\BackendInterface $authBackend) {

        $this->backends[] = $authBackend;

    }

    function initialize(Server $server) {

        $server->on('beforeMethod', [$this, 'beforeMethod'], 10);

    }

    function getPluginName() {

        return 'auth';

    }

    function getCurrentPrincipal() {

        return $this->currentPrincipal;

    }

    function beforeMethod(RequestInterface $request, ResponseInterface $response) {

        if ($this->currentPrincipal) {

            // We already have authentication information. This means that the
            // event has already fired earlier, and is now likely fired for a
            // sub-request.
            //
            // We don't want to authenticate users twice, so we simply don't do
            // anything here. See Issue #700 for additional reasoning.
            //
            // This is not a perfect solution, but will be fixed once the
            // "currently authenticated principal" is information that's not
            // not associated with the plugin, but rather per-request.
            //
            // See issue #580 for more information about that.
            return;

        }

        $authResult = $this->check($request, $response);

        if ($authResult[0]) {
            // Auth was successful
            $this->currentPrincipal = $authResult[1];
            $this->loginFailedReasons = null;
            return;
        }



        // If we got here, it means that no authentication backend was
        // successful in authenticating the user.
        $this->currentPrincipal = null;
        $this->loginFailedReasons = $authResult[1];

        if ($this->autoRequireLogin) {
            $this->challenge($request, $response);
            throw new NotAuthenticated(implode(', ', $authResult[1]));
        }

    }

    function check(RequestInterface $request, ResponseInterface $response) {

        if (!$this->backends) {
            throw new \Sabre\DAV\Exception('No authentication backends were configured on this server.');
        }
        $reasons = [];
        foreach ($this->backends as $backend) {

            $result = $backend->check(
                $request,
                $response
            );

            if (!is_array($result) || count($result) !== 2 || !is_bool($result[0]) || !is_string($result[1])) {
                throw new \Sabre\DAV\Exception('The authentication backend did not return a correct value from the check() method.');
            }

            if ($result[0]) {
                $this->currentPrincipal = $result[1];
                // Exit early
                return [true, $result[1]];
            }
            $reasons[] = $result[1];

        }

        return [false, $reasons];

    }

    function challenge(RequestInterface $request, ResponseInterface $response) {

        foreach ($this->backends as $backend) {
            $backend->challenge($request, $response);
        }

    }

    protected $loginFailedReasons;

    function getLoginFailedReasons() {

        return $this->loginFailedReasons;

    }

    function getPluginInfo() {

        return [
            'name'        => $this->getPluginName(),
            'description' => 'Generic authentication plugin',
            'link'        => 'http://sabre.io/dav/authentication/',
        ];

    }

}