/**
* Handles request in order to authenticate.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The request instance
* @param \AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface $servletResponse The response instance
*
* @return boolean TRUE if the authentication has been successful, else FALSE
*
* @throws \Exception
*/
public function handleRequest(HttpServletRequestInterface $servletRequest, HttpServletResponseInterface $servletResponse)
{
// iterate over all servlets and return the matching one
/**
* @var string $urlPattern
* @var \AppserverIo\Http\Authentication\AuthenticationInterface $authenticationAdapter
*/
foreach ($this->authenticationAdapters as $urlPattern => $authenticationAdapter) {
// we'll match our URI against the URL pattern
if (fnmatch($urlPattern, $servletRequest->getServletPath() . $servletRequest->getPathInfo())) {
// the URI pattern matches, init the adapter and try to authenticate
// check if auth header is not set in coming request headers
if (!$servletRequest->hasHeader(Protocol::HEADER_AUTHORIZATION)) {
// send header for challenge authentication against client
$servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader());
}
// initialize the adapter with the current request
$authenticationAdapter->init($servletRequest->getHeader(HttpProtocol::HEADER_AUTHORIZATION), $servletRequest->getMethod());
// try to authenticate the request
$authenticated = $authenticationAdapter->authenticate();
if (!$authenticated) {
// send header for challenge authentication against client
$servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader());
}
return $authenticated;
}
}
// we did not find an adapter for that URI pattern, no authentication required then
return true;
}
/**
* Stores the data of the passed request in the also passed session.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The servlet request instance
* @param \AppserverIo\Psr\Servlet\Http\HttpSessionInterface $session The session instance
*
* @return void
*/
protected function saveRequest(HttpServletRequestInterface $servletRequest, HttpSessionInterface $session)
{
// initialize an empty instance
$req = new \stdClass();
// set the data of the passed request
$req->requestUri = $servletRequest->getRequestUri();
$req->method = $servletRequest->getMethod();
$req->queryString = $servletRequest->getQueryString();
$req->documentRoot = $servletRequest->getDocumentRoot();
$req->serverName = $servletRequest->getServerName();
$req->bodyContent = $servletRequest->getBodyContent();
$req->cookies = $servletRequest->getCookies();
$req->headers = $servletRequest->getHeaders();
$req->principal = $servletRequest->getUserPrincipal();
$req->requestUrl = $servletRequest->getRequestUrl();
// store the data in the session
$session->putData(Constants::FORM_REQUEST, $req);
}
/**
* Returns the array with the $_GET vars.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The request instance
*
* @return array The $_GET vars
*/
protected function initGetGlobals(HttpServletRequestInterface $servletRequest)
{
// check post type and set params to globals
if ($servletRequest->getMethod() == Protocol::METHOD_POST) {
parse_str($servletRequest->getQueryString(), $parameterMap);
} else {
$parameterMap = $servletRequest->getParameterMap();
}
return $parameterMap;
}
