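/**
 * Verifies that authentication fails with KeyNotFoundException when the key
 * id named in the Authorization header cannot be resolved by the key loader.
 *
 * NOTE(review): the header value is 'Acquia 2:<hash>'; presumably "2" is the
 * key id and DummyKeyLoader holds no key under that id. Confirm against
 * DummyKeyLoader.
 *
 * @expectedException \Acquia\Hmac\Exception\KeyNotFoundException
 */
public function testKeyNotFound()
{
    // The original also built an extra RequestSigner into a local that was
    // never read; the authenticator below receives its own instance.
    $request = new DummyRequest();
    $request->headers = array(
        'Content-Type' => 'text/plain',
        'Date' => 'Fri, 19 Mar 1982 00:00:04 GMT',
        'Authorization' => 'Acquia 2:' . DigestVersion1Test::EXPECTED_HASH,
    );

    // NOTE(review): the second argument is 0; presumably this switches off the
    // timestamp-expiry check so the 1982 Date header is not rejected before
    // the key lookup happens. Confirm against RequestAuthenticator.
    $authenticator = new RequestAuthenticator(new RequestSigner(), 0);
    $authenticator->authenticate($request, new DummyKeyLoader());
}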
/**
 * Attempts to authenticate the incoming request via HMAC.
 *
 * A request whose URI is exactly '/api/doc' is let through without any
 * authentication. For every other request, any \Exception raised while
 * building the signer or authenticating is handed to
 * dispatchResponseAsException() and the resulting response is set on the event.
 *
 * NOTE(review): the bypass compares the whole request URI with '/api/doc';
 * presumably the URI includes the query string, so '/api/doc?x=1' would still
 * be authenticated. Confirm that this is the intended scope of the exemption.
 *
 * NOTE(review): '+15 minutes' is passed as the authenticator's second
 * argument; presumably it is the accepted timestamp window. Nothing here
 * shows nonce or replay tracking inside that window. Confirm.
 *
 * NOTE(review): everything thrown inside the try block is caught as
 * \Exception, so the specific @throws tags below hold only if
 * dispatchResponseAsException() rethrows. Confirm.
 *
 * @param GetResponseEvent $event
 *
 * @throws MalformedRequestException
 * @throws TimestampOutOfRangeException
 * @throws KeyNotFoundException
 * @throws InvalidSignatureException
 * @throws \Exception
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $requestUri = $event->getRequest()->getRequestUri();
    if ($requestUri === '/api/doc') {
        // Documentation endpoint: skip HMAC authentication entirely.
        return;
    }

    try {
        $wrappedRequest = new RequestWrapper($event->getRequest());

        $digest = new ApiAuthDigest();
        $hmacSigner = (new RequestSigner($digest))->setProvider('APIAuth');

        $hmacAuthenticator = new RequestAuthenticator($hmacSigner, '+15 minutes');
        $hmacAuthenticator->authenticate($wrappedRequest, $this->authenticationService);
    } catch (\Exception $failure) {
        // Turn the failure into a response instead of letting it propagate.
        $event->setResponse($this->dispatchResponseAsException($failure));
    }
}
/**
 * Checks that a request lacking the X-Authorization-Timestamp header is rejected.
 *
 * The request is built with only Content-Type and Authorization headers. The
 * test also asserts that the thrown exception exposes the same request object.
 *
 * @expectedException \Acquia\Hmac\Exception\MalformedRequestException
 * @expectedExceptionMessage Request is missing X-Authorization-Timestamp.
 */
public function testMissingAuthenticationTimestampHeader()
{
    // Fixture Authorization header; no timestamp header accompanies it.
    $authorization = 'acquia-http-hmac realm="Pipet service",'
        . 'id="bad-id",'
        . 'nonce="d1954337-5319-4821-8427-115542e08d10",'
        . 'version="2.0",'
        . 'headers="",'
        . 'signature="MRlPr/Z1WQY2sMthcaEqETRMw4gPYXlPcTpaLWS2gcc="';

    $headers = [
        'Content-Type' => 'text/plain',
        'Authorization' => $authorization,
    ];

    $request = new Request('GET', 'https://example.com/test', $headers);
    $keyLoader = new MockKeyLoader($this->keys);
    $authenticator = new RequestAuthenticator($keyLoader);

    try {
        $authenticator->authenticate($request);
    } catch (MalformedRequestException $malformed) {
        // The exception must reference the very request that was rejected.
        $this->assertSame($request, $malformed->getRequest());

        // Rethrow so the @expectedException annotations are still evaluated.
        throw $malformed;
    }
}
/**
 * Validates the HMAC token on the wrapped request.
 *
 * When the authenticator returns a key, the principal is set to "[HMAC]"
 * followed by the key id and the attributes are reset to an empty array.
 *
 * NOTE(review): nothing here catches exceptions from
 * RequestAuthenticator::authenticate(); presumably a failed check reaches the
 * caller as an exception rather than as a FALSE return. Callers should not
 * rely on FALSE alone to detect rejection. Confirm against the library.
 *
 * @return boolean TRUE if a key was returned, FALSE if the result was falsy.
 */
public function authenticate()
{
    $hmacSigner = new RequestSigner();
    $hmacSigner->setProvider('USF');

    $hmacAuthenticator = new RequestAuthenticator($hmacSigner, $this->_timeout);
    $matchedKey = $hmacAuthenticator->authenticate($this->_requestWrapper, $this->_keyLoader);

    // A falsy result is treated as failure; principal and attributes stay untouched.
    if (!$matchedKey) {
        return false;
    }

    $this->principal = "[HMAC]" . $matchedKey->getId();
    $this->attributes = [];

    return true;
}
/**
 * Sets up the authenticator with a key loader, an optional authorization
 * header and the timestamp against which requests are compared.
 *
 * @param \Acquia\Hmac\KeyLoaderInterface $keyLoader
 *   A datastore used to locate secrets for corresponding IDs.
 * @param \Acquia\Hmac\AuthorizationHeaderInterface $authHeader
 *   An optional custom authorization header; stored as given, NULL included.
 * @param int $timestamp
 *   An optional custom comparison timestamp. Any falsy value (NULL, 0, '')
 *   is replaced by the current time().
 */
public function __construct(KeyLoaderInterface $keyLoader, AuthorizationHeaderInterface $authHeader = null, $timestamp = null)
{
    parent::__construct($keyLoader);

    // Truthiness test, not a null check: a timestamp of 0 also selects "now".
    if ($timestamp) {
        $referenceTime = $timestamp;
    } else {
        $referenceTime = time();
    }

    $this->authHeader = $authHeader;
    $this->timestamp = $referenceTime;
}