統計
| ブランチ: | リビジョン:

pictcode / lib / Cake / Network / Http / DigestAuthentication.php @ 635eef61

履歴 | 表示 | アノテート | ダウンロード (3.36 KB)

1 635eef61 spyder1211
<?php
2
/**
3
 * Digest authentication
4
 *
5
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
6
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
7
 *
8
 * Licensed under The MIT License
9
 * For full copyright and license information, please see the LICENSE.txt
10
 * Redistributions of files must retain the above copyright notice.
11
 *
12
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
13
 * @link          http://cakephp.org CakePHP(tm) Project
14
 * @package       Cake.Network.Http
15
 * @since         CakePHP(tm) v 2.0.0
16
 * @license       http://www.opensource.org/licenses/mit-license.php MIT License
17
 */
18
19
/**
20
 * Digest authentication
21
 *
22
 * @package       Cake.Network.Http
23
 */
24
class DigestAuthentication {
25
26
/**
27
 * Authentication
28
 *
29
 * @param HttpSocket $http Http socket instance.
30
 * @param array &$authInfo Authentication info.
31
 * @return void
32
 * @link http://www.ietf.org/rfc/rfc2617.txt
33
 */
34
        public static function authentication(HttpSocket $http, &$authInfo) {
35
                if (isset($authInfo['user'], $authInfo['pass'])) {
36
                        if (!isset($authInfo['realm']) && !static::_getServerInformation($http, $authInfo)) {
37
                                return;
38
                        }
39
                        $http->request['header']['Authorization'] = static::_generateHeader($http, $authInfo);
40
                }
41
        }
42
43
/**
44
 * Retrieve information about the authentication
45
 *
46
 * @param HttpSocket $http Http socket instance.
47
 * @param array &$authInfo Authentication info.
48
 * @return bool
49
 */
50
        protected static function _getServerInformation(HttpSocket $http, &$authInfo) {
51
                $originalRequest = $http->request;
52
                $http->configAuth(false);
53
                $http->request($http->request);
54
                $http->request = $originalRequest;
55
                $http->configAuth('Digest', $authInfo);
56
57
                if (empty($http->response['header']['WWW-Authenticate'])) {
58
                        return false;
59
                }
60
                preg_match_all('@(\w+)=(?:(?:")([^"]+)"|([^\s,$]+))@', $http->response['header']['WWW-Authenticate'], $matches, PREG_SET_ORDER);
61
                foreach ($matches as $match) {
62
                        $authInfo[$match[1]] = $match[2];
63
                }
64
                if (!empty($authInfo['qop']) && empty($authInfo['nc'])) {
65
                        $authInfo['nc'] = 1;
66
                }
67
                return true;
68
        }
69
70
/**
71
 * Generate the header Authorization
72
 *
73
 * @param HttpSocket $http Http socket instance.
74
 * @param array &$authInfo Authentication info.
75
 * @return string
76
 */
77
        protected static function _generateHeader(HttpSocket $http, &$authInfo) {
78
                $a1 = md5($authInfo['user'] . ':' . $authInfo['realm'] . ':' . $authInfo['pass']);
79
                $a2 = md5($http->request['method'] . ':' . $http->request['uri']['path']);
80
81
                if (empty($authInfo['qop'])) {
82
                        $response = md5($a1 . ':' . $authInfo['nonce'] . ':' . $a2);
83
                } else {
84
                        $authInfo['cnonce'] = uniqid();
85
                        $nc = sprintf('%08x', $authInfo['nc']++);
86
                        $response = md5($a1 . ':' . $authInfo['nonce'] . ':' . $nc . ':' . $authInfo['cnonce'] . ':auth:' . $a2);
87
                }
88
89
                $authHeader = 'Digest ';
90
                $authHeader .= 'username="' . str_replace(array('\\', '"'), array('\\\\', '\\"'), $authInfo['user']) . '", ';
91
                $authHeader .= 'realm="' . $authInfo['realm'] . '", ';
92
                $authHeader .= 'nonce="' . $authInfo['nonce'] . '", ';
93
                $authHeader .= 'uri="' . $http->request['uri']['path'] . '", ';
94
                $authHeader .= 'response="' . $response . '"';
95
                if (!empty($authInfo['opaque'])) {
96
                        $authHeader .= ', opaque="' . $authInfo['opaque'] . '"';
97
                }
98
                if (!empty($authInfo['qop'])) {
99
                        $authHeader .= ', qop="auth", nc=' . $nc . ', cnonce="' . $authInfo['cnonce'] . '"';
100
                }
101
                return $authHeader;
102
        }
103
104
}