Example #1
0
 /**
  * @throws HTTP_Exception_401
  * @since 1.0
  */
 public function before()
 {
     parent::before();
     // Check request signature
     if (Kohana::$config->load('hapi.require_signature') && !HAPI_Security::is_request_signature_valid($this->request)) {
         HAPI_Security::require_auth('Request signature was invalid');
     }
     // Login using basic auth
     if (array_key_exists('authorization', $this->request->headers())) {
         HAPI_Security::login($this->request->headers('authorization'));
     }
     // Check that user is authenticated
     if ($this->_require_login && !HAPI_Security::is_request_authenticated($this->request)) {
         HAPI_Security::require_auth();
     }
     // Instantiate the encoder object for the response (based on the Accept header)
     $this->response_encoder = $this->_get_response_encoder();
     // Set current language
     $supported_languages = Kohana::$config->load('hapi.supported_languages');
     $preferred_language = $this->request->headers()->preferred_language($supported_languages);
     if ($preferred_language) {
         I18n::lang($preferred_language);
     }
     $extract_array = function ($keys) {
         if (empty($keys)) {
             return [];
         }
         return explode(',', $keys);
     };
     // Filter response keys
     $this->_paths = $extract_array($this->request->query('paths'));
 }
Example #2
0
 /**
  * Sign and execute the request
  *
  * @return Response
  */
 public function execute()
 {
     // Timestamp for avoiding identical signatures
     $this->query('ts', (string) time());
     if ($this->hapi_profile_settings === NULL) {
         $this->load_config();
     }
     // Add signature to the request
     $signature = HAPI_Security::calculate_hmac($this, $this->hapi_profile_settings['private_key']);
     $this->headers('X-Auth', $this->hapi_profile_settings['public_key']);
     $this->headers('X-Auth-Hash', $signature);
     // Add Authorization header if not present
     if (!array_key_exists('Authorization', $this->headers()) && Auth::instance()->logged_in()) {
         $this->headers('Authorization', $this->authorize(Auth::instance()->get_user()));
     }
     return parent::execute();
 }