/** * @throws HTTP_Exception_401 * @since 1.0 */ public function before() { parent::before(); // Check request signature if (Kohana::$config->load('hapi.require_signature') && !HAPI_Security::is_request_signature_valid($this->request)) { HAPI_Security::require_auth('Request signature was invalid'); } // Login using basic auth if (array_key_exists('authorization', $this->request->headers())) { HAPI_Security::login($this->request->headers('authorization')); } // Check that user is authenticated if ($this->_require_login && !HAPI_Security::is_request_authenticated($this->request)) { HAPI_Security::require_auth(); } // Instantiate the encoder object for the response (based on the Accept header) $this->response_encoder = $this->_get_response_encoder(); // Set current language $supported_languages = Kohana::$config->load('hapi.supported_languages'); $preferred_language = $this->request->headers()->preferred_language($supported_languages); if ($preferred_language) { I18n::lang($preferred_language); } $extract_array = function ($keys) { if (empty($keys)) { return []; } return explode(',', $keys); }; // Filter response keys $this->_paths = $extract_array($this->request->query('paths')); }
/** * Sign and execute the request * * @return Response */ public function execute() { // Timestamp for avoiding identical signatures $this->query('ts', (string) time()); if ($this->hapi_profile_settings === NULL) { $this->load_config(); } // Add signature to the request $signature = HAPI_Security::calculate_hmac($this, $this->hapi_profile_settings['private_key']); $this->headers('X-Auth', $this->hapi_profile_settings['public_key']); $this->headers('X-Auth-Hash', $signature); // Add Authorization header if not present if (!array_key_exists('Authorization', $this->headers()) && Auth::instance()->logged_in()) { $this->headers('Authorization', $this->authorize(Auth::instance()->get_user())); } return parent::execute(); }