/** * digest認証 * @param string $auth_users ユーザ * @return boolean */ public static function auth_digest($auth_users) { $data = self::http_digest_parse(); if ($data === false) { return false; } list($scheme, $salt, $role) = self::get_data($data['username'], $auth_users); if ($scheme !== '{x-digest-md5}') { Utility::dieMessage('Auth::auth_digest(): Digest auth must be password scheme to <var>{x-digest-md5}</var>. To use this authicate method, please click <a href="' . Router::get_cmd_uri('passwd') . '">here</a> to (re)generate password.'); } // $A1 = md5($data['username'] . ':' . $realm . ':' . $auth_users[$data['username']]); $A1 = $salt; $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']); $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2); if ($data['response'] !== $valid_response) { return false; } return true; }