public function beforeAuthentication()
{
if (!parent::beforeAuthentication()) {
return false;
}
//parse digest
if (!isset($_SERVER['PHP_AUTH_DIGEST'])) {
return false;
}
try {
$this->receivedDigest = new AHttpDigest($_SERVER['PHP_AUTH_DIGEST']);
} catch (Exception $e) {
throw new CHttpException(400, $e->getMessage());
}
//check if digest succesfully parsed and available for further processing
if (!$this->receivedDigest || !$this->receivedDigest->response) {
return false;
}
//get nonce from digest
$this->nonce = $this->getReceivedNonce();
if (!$this->nonce) {
return false;
}
//check nonce
if ($this->nonce->isExpired()) {
//tell client his authentantion data is stale
//so he can automatically reauthenticate, without asking the user
//for new credentials
$this->sendDigestResponseHeaders(true);
Yii::app()->end();
//halt execution
}
//Load an identity with only the username.
//The user password is not sent unencrypted over the wire in
//HTTP Digest Authentication, so it's not available for us to use here).
$this->identity = $this->loadIdentity($this->receivedDigest->username);
//Link challenge response callback to identity instance for digest authentication
//NOTE: this property will be available because loadIdentity() applies AIdentityBehaviorDigest to the identity instance.
$this->identity->challengeResponseCallback = array($this, 'testChallengeResponse');
return true;
}
