Esempio n. 1
0
 protected function sendRequest(StreamInterface $stream, HttpRequest $request)
 {
     $chunked = 'chunked' == strtolower(trim($request->getHeader('Transfer-Encoding', '')));
     $chunked = $chunked && $request->hasEntity();
     $compress = 'gzip' == strtolower(trim($request->getHeader('Content-Encoding', '')));
     $this->sendRequestLine($stream, $request);
     foreach ($request->getHeaders() as $n => $headers) {
         if ($n == 'content-length') {
             continue;
         }
         if (!$chunked && $n == 'transfer-encoding') {
             continue;
         }
         foreach ($headers as $header) {
             $stream->write(sprintf("%s: %s\r\n", $header[0], $header[1]));
         }
     }
     $encoded = [];
     foreach ($request->getCookies() as $k => $v) {
         $encoded[] = Uri::encode($k) . '=' . Uri::encode($v);
     }
     if (!empty($encoded)) {
         $stream->write(sprintf("Cookie: %s\r\n", implode('; ', $encoded)));
     }
     if (!$chunked) {
         $this->sendEntity($stream, $request, $compress);
     } else {
         $this->sendChunkedEntity($stream, $request, $compress);
     }
 }
Esempio n. 2
0
 protected function getDestinationPath(Uri $baseUri, HttpRequest $request)
 {
     if (!$request->hasHeader('Destination')) {
         throw new BadRequestException();
     }
     $dest = $request->getHeader('Destination');
     if (preg_match("'^(?:https?:)?//'i", $dest)) {
         try {
             $uri = new Uri($dest);
         } catch (\Exception $e) {
             throw new BadRequestException($e);
         }
         if (0 !== strpos((string) $uri, rtrim($baseUri, '/') . '/')) {
             throw new WebDavException(WebDav::CODE_BAD_GATEWAY);
         }
         return Uri::decode(substr($uri->getPath(), strlen(rtrim($baseUri->getPath(), '/') . '/')));
     }
     if (preg_match("'^/.*'", $dest)) {
         $path = '/' . trim($dest, '/');
         $base = rtrim('/' . $baseUri->getPath(), '/') . '/';
         if (0 !== strpos($path, $base)) {
             throw new WebDavException(WebDav::CODE_BAD_GATEWAY);
         }
         return Uri::decode(substr($path, strlen($base)));
     }
     throw new BadRequestException();
 }
Esempio n. 3
0
 public function handle($path, Uri $baseUri, HttpRequest $request, StorageInterface $storage)
 {
     if (!$request->isDelete()) {
         return;
     }
     $resource = $storage->findResource($path);
     if ($resource->isCollection() && $request->hasHeader('Depth')) {
         $depth = $request->getHeader('Depth', 'infinity');
         if ($depth != 'infinity') {
             throw new BadRequestException();
         }
     }
     $storage->beginTransaction();
     try {
         $storage->deleteResource($resource);
     } catch (\Exception $e) {
         $storage->rollBack();
         throw $e;
     }
     $storage->commit();
     return new HttpResponse(WebDav::CODE_NO_CONTENT);
 }
Esempio n. 4
0
 /**
  * {@inheritdoc}
  */
 public function updateCredentials(HttpRequest $request)
 {
     $this->setStatus(self::NO_CREDENTIALS);
     $this->username = NULL;
     $this->password = NULL;
     if ('' === ($auth = trim($request->getHeader('Authorization', '')))) {
         return;
     }
     $parts = preg_split("'\\s+'", $auth, 2);
     if (!is_array($parts) || count($parts) != 2 || strtolower($parts[0]) !== 'basic') {
         return;
     }
     $credentials = explode(':', (string) @base64_decode($parts[1]), 2);
     if (!is_array($credentials) || count($credentials) != 2) {
         return;
     }
     $username = $credentials[0];
     if (false !== ($index = strrpos($username, '\\\\'))) {
         $username = substr($username, $index + 1);
     }
     $this->username = trim($username);
     $this->password = trim($credentials[1]);
     $this->setStatus(self::AUTHENTICATION_NEEDED);
 }
Esempio n. 5
0
 public function updateCredentials(HttpRequest $request)
 {
     $this->setStatus(self::NO_CREDENTIALS);
     $this->type = NULL;
     $this->username = NULL;
     $this->domain = NULL;
     $this->workstation = NULL;
     $this->clientBlob = NULL;
     $this->clientHash = NULL;
     $this->flags = NULL;
     $this->auth = NULL;
     if ('' === ($auth = trim($request->getHeader('Authorization', '')))) {
         return;
     }
     $parts = preg_split("'\\s+'", $auth, 2);
     if (!is_array($parts) || count($parts) != 2 || strtoupper($parts[0]) !== 'NTLM') {
         return;
     }
     $this->setStatus(self::AUTHENTICATION_NEEDED);
     $auth = @base64_decode($parts[1]);
     if (self::NTLM_HEADER !== substr($auth, 0, 8)) {
         return;
     }
     $this->auth = $auth;
     // Unpack the message type sent by the client, must be one of 1 or 3.
     $type = (int) $this->readUnsignedLong($this->auth, 8);
     if (1 == $type) {
         $this->type = 1;
         $this->flags = (int) $this->readUnsignedLong($this->auth, 12);
     } elseif (3 == $type) {
         $this->type = 3;
         $this->domain = $this->readSecurityBuffer($this->auth, 28);
         $this->username = $this->readSecurityBuffer($this->auth, 36);
         $this->workstation = $this->readSecurityBuffer($this->auth, 44);
         if (false !== strpos($this->username, '@')) {
             $tmp = explode('@', $this->username, 2);
             $this->username = trim($tmp[0]);
             $this->domain = trim($tmp[1]);
         }
         $ntlm = $this->readSecurityBuffer($this->auth, 20, false);
         $this->clientHash = (string) substr($ntlm, 0, 16);
         $this->clientBlob = (string) substr($ntlm, 16);
     }
 }
Esempio n. 6
0
 protected function handleUnlock(ResourceInterface $resource, Uri $baseUri, HttpRequest $request, LockStorageInterface $storage)
 {
     if (!$resource instanceof LockableResourceInterface) {
         throw new MethodNotAllowedException();
     }
     if (!$resource->isLockSupported()) {
         throw new MethodNotAllowedException();
     }
     if (!$resource->isLocked()) {
         throw new LockTokenMatchesRequestUriException(WebDav::CODE_CONFLICT);
     }
     if (!$request->hasHeader('Lock-Token')) {
         throw new BadRequestException();
     }
     try {
         $tmp = $request->getHeader('Lock-Token', '');
         $m = NULL;
         if (!preg_match("'^<?urn:webdav:lock:([0-9a-f\\-]{36})>?\$'i", $tmp, $m)) {
             throw new BadRequestException();
         }
         $token = new UUID($m[1]);
     } catch (\InvalidArgumentException $e) {
         throw new BadRequestException($e);
     }
     $lockInfo = $resource->getLockInfo();
     if ($token != $lockInfo->getToken() || $lockInfo->getExpires() < new \DateTime()) {
         throw new LockTokenMatchesRequestUriException(WebDav::CODE_CONFLICT);
     }
     $storage->beginTransaction();
     try {
         $storage->removeLock($lockInfo);
     } catch (\Exception $e) {
         $storage->rollBack();
         throw $e;
     }
     $storage->commit();
     return new HttpResponse(Http::CODE_NO_CONTENT);
 }
Esempio n. 7
0
 /**
  * {@inheritdoc}
  */
 public function updateCredentials(HttpRequest $request)
 {
     $this->setStatus(self::NO_CREDENTIALS);
     $this->stale = false;
     $this->username = NULL;
     $this->realm = NULL;
     $this->nonce = NULL;
     $this->uri = NULL;
     $this->qop = NULL;
     $this->nc = NULL;
     $this->cnonce = NULL;
     $this->opaque = NULL;
     $this->response = NULL;
     $this->ha2 = NULL;
     if ('' === ($auth = trim($request->getHeader('Authorization', '')))) {
         return;
     }
     $parts = preg_split("'\\s+'", $auth, 2);
     if (!is_array($parts) || count($parts) != 2 || strtolower($parts[0]) !== 'digest') {
         return;
     }
     $digest = $this->parseDigest($parts[1], $request);
     $this->username = array_key_exists('username', $digest) ? (string) $digest['username'] : NULL;
     $this->realm = array_key_exists('realm', $digest) ? (string) $digest['realm'] : NULL;
     $this->nonce = array_key_exists('nonce', $digest) ? (string) $digest['nonce'] : NULL;
     $this->uri = $request->getRawUri();
     $this->qop = array_key_exists('qop', $digest) ? (string) $digest['qop'] : NULL;
     $this->nc = array_key_exists('nc', $digest) ? (string) $digest['nc'] : NULL;
     $this->cnonce = array_key_exists('cnonce', $digest) ? (string) $digest['cnonce'] : NULL;
     $this->opaque = array_key_exists('opaque', $digest) ? (string) $digest['opaque'] : NULL;
     $this->response = array_key_exists('response', $digest) ? (string) $digest['response'] : NULL;
     if ($this->auth->getQualityOfProtection() == HttpDigestAuthenticationProvider::QOP_AUTH_INT) {
         $this->ha2 = md5(sprintf('%s:%s:%s', $request->getMethod(false), $this->uri, $this->computeContentMd5($request)));
     } else {
         $this->ha2 = md5(sprintf('%s:%s', $request->getMethod(false), $this->uri));
     }
     $this->setStatus(self::AUTHENTICATION_NEEDED);
 }