Example #1
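 /**
  * Authenticate the request with the configured scheme and record the
  * authorization outcome in $this->isAuthorized.
  *
  * Identity is passed on as AUTH_PRINCIPAL, AUTH_ENTITLEMENTS and AUTH_ATTR_*
  * request headers. Headers of those names that arrive with the request are
  * dropped before dispatch, so the values on the returned request only ever
  * come from the authenticator selected here. The 'permitall' and 'denyall'
  * schemes set none of them.
  *
  * @param \Psr\Http\Message\ServerRequestInterface $request PSR7 request
  * @return \Psr\Http\Message\ServerRequestInterface Request with the identity headers applied
  * @throws \Exception When the configured authentication type is not recognised
  *                    (the CAS and token authenticators are not wrapped in a
  *                    try/catch, so anything they throw propagates as well)
  */
 private function authenticate($request)
 {
     // Keep the request exactly as received for signature verification, in
     // case the HMAC signature covers headers that are stripped below.
     $received = $request;

     // Drop identity headers supplied by the caller. Without this, the
     // 'permitall' and 'denyall' paths return them untouched and a client
     // could present its own AUTH_PRINCIPAL to whatever reads it later.
     // Names are compared case-insensitively, with '-' and '_' treated alike
     // and an optional HTTP_ prefix ignored.
     foreach (array_keys($request->getHeaders()) as $headerName) {
         $headerName = (string) $headerName;
         $normalized = strtoupper(str_replace('-', '_', $headerName));
         if (strncmp($normalized, 'HTTP_', 5) === 0) {
             $normalized = substr($normalized, 5);
         }
         if ($normalized === 'AUTH_PRINCIPAL'
             || $normalized === 'AUTH_ENTITLEMENTS'
             || strncmp($normalized, 'AUTH_ATTR_', 10) === 0
         ) {
             $request = $request->withoutHeader($headerName);
         }
     }

     switch (strtolower($this->authN_type)) {
         case 'cas':
             // Use CAS authentication.
             $casAuth = new UsfAuthCAS($this->config['cas']);
             $casAuth->auth();
             // Authorization check against the configured roles.
             $this->isAuthorized = $casAuth->isAuthorized($this->authZ_roles);
             // Add the username and entitlements to the request.
             $request = $request->withHeader('AUTH_PRINCIPAL', $casAuth->getPrincipal());
             $request = $request->withHeader('AUTH_ENTITLEMENTS', $casAuth->getEntitlements());
             // Add all attributes, one header per attribute.
             foreach ($casAuth->getAttributes() as $key => $value) {
                 $request = $request->withHeader('AUTH_ATTR_' . strtoupper($key), $value);
             }
             break;
         case 'token':
             // Use the USF Token Auth library.
             $tokenAuth = new UsfAuthToken($this->config['token']['app_id'], $this->config['token']['token_url']);
             $tokenAuth->setRequestMethod($request->getMethod());
             // NOTE(review): PSR-7 getHeader() returns an array of values, and
             // whether the HTTP_-prefixed names resolve depends on the request
             // implementation - confirm UsfAuthToken receives what it expects.
             $tokenAuth->setReferrer($request->getHeader('HTTP_REFERER'));
             // Validate the request token.
             $tokenAuth->validateRequest($request->getHeader('HTTP_X_AUTH_TOKEN'));
             // Authorization check against the configured roles.
             $this->isAuthorized = $tokenAuth->isAuthorized($this->authZ_roles);
             // Add the username and entitlements to the request.
             $request = $request->withHeader('AUTH_PRINCIPAL', $tokenAuth->getPrincipal());
             $request = $request->withHeader('AUTH_ENTITLEMENTS', $tokenAuth->getEntitlements());
             // Add all attributes, one header per attribute.
             foreach ($tokenAuth->getAttributes() as $key => $value) {
                 $request = $request->withHeader('AUTH_ATTR_' . strtoupper($key), $value);
             }
             break;
         case 'hmac':
             // HMAC authentication: https://github.com/acquia/http-hmac-spec
             $hmacAuth = new UsfAuthHmac($this->config['hmac']['keyRegistry']);
             if (!empty($this->config['hmac']['timeout'])) {
                 $hmacAuth->setTimeout($this->config['hmac']['timeout']);
             }
             $hmacAuth->setRequestWrapper(new Psr7Request($received));
             // Fail closed: authorization is granted only on a verified signature.
             $this->isAuthorized = false;
             try {
                 // An explicit false return is treated as a failed check, so a
                 // verifier that reports failure by return value instead of by
                 // exception cannot be mistaken for success.
                 // NOTE(review): confirm the failure contract of
                 // UsfAuthHmac::authenticate().
                 if ($hmacAuth->authenticate() !== false) {
                     // Attach the principal only once the signature has verified.
                     $request = $request->withHeader('AUTH_PRINCIPAL', $hmacAuth->getPrincipal());
                     $this->isAuthorized = true;
                 }
             } catch (\Exception $exception) {
                 // NOTE(review): the failure reason is discarded here; recording
                 // it would make rejected signatures visible to monitoring.
                 $this->isAuthorized = false;
             }
             break;
         case 'permitall':
             // No authentication - let everyone in. No identity headers are set.
             $this->isAuthorized = true;
             break;
         case 'denyall':
             // No authentication - keep everyone out.
             $this->isAuthorized = false;
             break;
         default:
             // A misconfigured type is an error, never an implicit allow.
             throw new \Exception("Unknown Authentication type: " . $this->authN_type, 500);
     }
     return $request;
 }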
Example #2
<?php

namespace USF\auth;

use Acquia\Hmac\RequestAuthenticator;
use Acquia\Hmac\RequestSigner;
require_once 'vendor/autoload.php';
// Sample key registry: one key id mapped to its shared secret. Both values are
// placeholders; a real secret belongs in configuration kept outside the source
// tree, not in a literal like this.
$registry = ['apiKeyId' => 'secretKey'];

$hmac = new UsfAuthHmac($registry);

// Relative time string handed to the authenticator as its timeout.
// NOTE(review): presumably the accepted age of a signed request, which would
// bound the replay window - confirm against UsfAuthHmac::setTimeout().
$hmac->setTimeout('+1 minutes');

// authenticate() is called first; the principal is read only when it returns a
// truthy result, otherwise the failure message is printed.
echo $hmac->authenticate() ? $hmac->getPrincipal() . " blah" : "auth failure";