protected function sendRequest(StreamInterface $stream, HttpRequest $request)
{
$chunked = 'chunked' == strtolower(trim($request->getHeader('Transfer-Encoding', '')));
$chunked = $chunked && $request->hasEntity();
$compress = 'gzip' == strtolower(trim($request->getHeader('Content-Encoding', '')));
$this->sendRequestLine($stream, $request);
foreach ($request->getHeaders() as $n => $headers) {
if ($n == 'content-length') {
continue;
}
if (!$chunked && $n == 'transfer-encoding') {
continue;
}
foreach ($headers as $header) {
$stream->write(sprintf("%s: %s\r\n", $header[0], $header[1]));
}
}
$encoded = [];
foreach ($request->getCookies() as $k => $v) {
$encoded[] = Uri::encode($k) . '=' . Uri::encode($v);
}
if (!empty($encoded)) {
$stream->write(sprintf("Cookie: %s\r\n", implode('; ', $encoded)));
}
if (!$chunked) {
$this->sendEntity($stream, $request, $compress);
} else {
$this->sendChunkedEntity($stream, $request, $compress);
}
}
protected function getDestinationPath(Uri $baseUri, HttpRequest $request)
{
if (!$request->hasHeader('Destination')) {
throw new BadRequestException();
}
$dest = $request->getHeader('Destination');
if (preg_match("'^(?:https?:)?//'i", $dest)) {
try {
$uri = new Uri($dest);
} catch (\Exception $e) {
throw new BadRequestException($e);
}
if (0 !== strpos((string) $uri, rtrim($baseUri, '/') . '/')) {
throw new WebDavException(WebDav::CODE_BAD_GATEWAY);
}
return Uri::decode(substr($uri->getPath(), strlen(rtrim($baseUri->getPath(), '/') . '/')));
}
if (preg_match("'^/.*'", $dest)) {
$path = '/' . trim($dest, '/');
$base = rtrim('/' . $baseUri->getPath(), '/') . '/';
if (0 !== strpos($path, $base)) {
throw new WebDavException(WebDav::CODE_BAD_GATEWAY);
}
return Uri::decode(substr($path, strlen($base)));
}
throw new BadRequestException();
}
public function handle($path, Uri $baseUri, HttpRequest $request, StorageInterface $storage)
{
if (!$request->isDelete()) {
return;
}
$resource = $storage->findResource($path);
if ($resource->isCollection() && $request->hasHeader('Depth')) {
$depth = $request->getHeader('Depth', 'infinity');
if ($depth != 'infinity') {
throw new BadRequestException();
}
}
$storage->beginTransaction();
try {
$storage->deleteResource($resource);
} catch (\Exception $e) {
$storage->rollBack();
throw $e;
}
$storage->commit();
return new HttpResponse(WebDav::CODE_NO_CONTENT);
}
/**
* {@inheritdoc}
*/
public function updateCredentials(HttpRequest $request)
{
$this->setStatus(self::NO_CREDENTIALS);
$this->username = NULL;
$this->password = NULL;
if ('' === ($auth = trim($request->getHeader('Authorization', '')))) {
return;
}
$parts = preg_split("'\\s+'", $auth, 2);
if (!is_array($parts) || count($parts) != 2 || strtolower($parts[0]) !== 'basic') {
return;
}
$credentials = explode(':', (string) @base64_decode($parts[1]), 2);
if (!is_array($credentials) || count($credentials) != 2) {
return;
}
$username = $credentials[0];
if (false !== ($index = strrpos($username, '\\\\'))) {
$username = substr($username, $index + 1);
}
$this->username = trim($username);
$this->password = trim($credentials[1]);
$this->setStatus(self::AUTHENTICATION_NEEDED);
}
public function updateCredentials(HttpRequest $request)
{
$this->setStatus(self::NO_CREDENTIALS);
$this->type = NULL;
$this->username = NULL;
$this->domain = NULL;
$this->workstation = NULL;
$this->clientBlob = NULL;
$this->clientHash = NULL;
$this->flags = NULL;
$this->auth = NULL;
if ('' === ($auth = trim($request->getHeader('Authorization', '')))) {
return;
}
$parts = preg_split("'\\s+'", $auth, 2);
if (!is_array($parts) || count($parts) != 2 || strtoupper($parts[0]) !== 'NTLM') {
return;
}
$this->setStatus(self::AUTHENTICATION_NEEDED);
$auth = @base64_decode($parts[1]);
if (self::NTLM_HEADER !== substr($auth, 0, 8)) {
return;
}
$this->auth = $auth;
// Unpack the message type sent by the client, must be one of 1 or 3.
$type = (int) $this->readUnsignedLong($this->auth, 8);
if (1 == $type) {
$this->type = 1;
$this->flags = (int) $this->readUnsignedLong($this->auth, 12);
} elseif (3 == $type) {
$this->type = 3;
$this->domain = $this->readSecurityBuffer($this->auth, 28);
$this->username = $this->readSecurityBuffer($this->auth, 36);
$this->workstation = $this->readSecurityBuffer($this->auth, 44);
if (false !== strpos($this->username, '@')) {
$tmp = explode('@', $this->username, 2);
$this->username = trim($tmp[0]);
$this->domain = trim($tmp[1]);
}
$ntlm = $this->readSecurityBuffer($this->auth, 20, false);
$this->clientHash = (string) substr($ntlm, 0, 16);
$this->clientBlob = (string) substr($ntlm, 16);
}
}
protected function handleUnlock(ResourceInterface $resource, Uri $baseUri, HttpRequest $request, LockStorageInterface $storage)
{
if (!$resource instanceof LockableResourceInterface) {
throw new MethodNotAllowedException();
}
if (!$resource->isLockSupported()) {
throw new MethodNotAllowedException();
}
if (!$resource->isLocked()) {
throw new LockTokenMatchesRequestUriException(WebDav::CODE_CONFLICT);
}
if (!$request->hasHeader('Lock-Token')) {
throw new BadRequestException();
}
try {
$tmp = $request->getHeader('Lock-Token', '');
$m = NULL;
if (!preg_match("'^<?urn:webdav:lock:([0-9a-f\\-]{36})>?\$'i", $tmp, $m)) {
throw new BadRequestException();
}
$token = new UUID($m[1]);
} catch (\InvalidArgumentException $e) {
throw new BadRequestException($e);
}
$lockInfo = $resource->getLockInfo();
if ($token != $lockInfo->getToken() || $lockInfo->getExpires() < new \DateTime()) {
throw new LockTokenMatchesRequestUriException(WebDav::CODE_CONFLICT);
}
$storage->beginTransaction();
try {
$storage->removeLock($lockInfo);
} catch (\Exception $e) {
$storage->rollBack();
throw $e;
}
$storage->commit();
return new HttpResponse(Http::CODE_NO_CONTENT);
}
/**
* {@inheritdoc}
*/
public function updateCredentials(HttpRequest $request)
{
$this->setStatus(self::NO_CREDENTIALS);
$this->stale = false;
$this->username = NULL;
$this->realm = NULL;
$this->nonce = NULL;
$this->uri = NULL;
$this->qop = NULL;
$this->nc = NULL;
$this->cnonce = NULL;
$this->opaque = NULL;
$this->response = NULL;
$this->ha2 = NULL;
if ('' === ($auth = trim($request->getHeader('Authorization', '')))) {
return;
}
$parts = preg_split("'\\s+'", $auth, 2);
if (!is_array($parts) || count($parts) != 2 || strtolower($parts[0]) !== 'digest') {
return;
}
$digest = $this->parseDigest($parts[1], $request);
$this->username = array_key_exists('username', $digest) ? (string) $digest['username'] : NULL;
$this->realm = array_key_exists('realm', $digest) ? (string) $digest['realm'] : NULL;
$this->nonce = array_key_exists('nonce', $digest) ? (string) $digest['nonce'] : NULL;
$this->uri = $request->getRawUri();
$this->qop = array_key_exists('qop', $digest) ? (string) $digest['qop'] : NULL;
$this->nc = array_key_exists('nc', $digest) ? (string) $digest['nc'] : NULL;
$this->cnonce = array_key_exists('cnonce', $digest) ? (string) $digest['cnonce'] : NULL;
$this->opaque = array_key_exists('opaque', $digest) ? (string) $digest['opaque'] : NULL;
$this->response = array_key_exists('response', $digest) ? (string) $digest['response'] : NULL;
if ($this->auth->getQualityOfProtection() == HttpDigestAuthenticationProvider::QOP_AUTH_INT) {
$this->ha2 = md5(sprintf('%s:%s:%s', $request->getMethod(false), $this->uri, $this->computeContentMd5($request)));
} else {
$this->ha2 = md5(sprintf('%s:%s', $request->getMethod(false), $this->uri));
}
$this->setStatus(self::AUTHENTICATION_NEEDED);
}
