Esempio n. 1
0
 /**
  * Extract "login" and "password" credentials from HTTP-request
  *
  * Returns plain array with 2 items: login and password respectively
  *
  * @return array
  */
 public function getCredentials()
 {
     $server = $this->request->getServerValue();
     $user = '';
     $pass = '';
     if (empty($server['HTTP_AUTHORIZATION'])) {
         foreach ($server as $k => $v) {
             if (substr($k, -18) === 'HTTP_AUTHORIZATION' && !empty($v)) {
                 $server['HTTP_AUTHORIZATION'] = $v;
                 break;
             }
         }
     }
     if (isset($server['PHP_AUTH_USER']) && isset($server['PHP_AUTH_PW'])) {
         $user = $server['PHP_AUTH_USER'];
         $pass = $server['PHP_AUTH_PW'];
     } elseif (!empty($server['HTTP_AUTHORIZATION'])) {
         /**
          * IIS Note: for HTTP authentication to work with IIS,
          * the PHP directive cgi.rfc2616_headers must be set to 0 (the default value).
          */
         $auth = $server['HTTP_AUTHORIZATION'];
         list($user, $pass) = explode(':', base64_decode(substr($auth, strpos($auth, " ") + 1)));
     } elseif (!empty($server['Authorization'])) {
         $auth = $server['Authorization'];
         list($user, $pass) = explode(':', base64_decode(substr($auth, strpos($auth, " ") + 1)));
     }
     return [$user, $pass];
 }