Example #1
0
 /**
  * digest認証
  * @param string $auth_users ユーザ
  * @return boolean
  */
 public static function auth_digest($auth_users)
 {
     $data = self::http_digest_parse();
     if ($data === false) {
         return false;
     }
     list($scheme, $salt, $role) = self::get_data($data['username'], $auth_users);
     if ($scheme !== '{x-digest-md5}') {
         Utility::dieMessage('Auth::auth_digest(): Digest auth must be password scheme to <var>{x-digest-md5}</var>. To use this authicate method, please click <a href="' . Router::get_cmd_uri('passwd') . '">here</a> to (re)generate password.');
     }
     // $A1 = md5($data['username'] . ':' . $realm . ':' . $auth_users[$data['username']]);
     $A1 = $salt;
     $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
     $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
     if ($data['response'] !== $valid_response) {
         return false;
     }
     return true;
 }