/** * Handles request in order to authenticate. * * @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The request instance * @param \AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface $servletResponse The response instance * * @return boolean TRUE if the authentication has been successful, else FALSE * * @throws \Exception */ public function handleRequest(HttpServletRequestInterface $servletRequest, HttpServletResponseInterface $servletResponse) { // iterate over all servlets and return the matching one /** * @var string $urlPattern * @var \AppserverIo\Http\Authentication\AuthenticationInterface $authenticationAdapter */ foreach ($this->authenticationAdapters as $urlPattern => $authenticationAdapter) { // we'll match our URI against the URL pattern if (fnmatch($urlPattern, $servletRequest->getServletPath() . $servletRequest->getPathInfo())) { // the URI pattern matches, init the adapter and try to authenticate // check if auth header is not set in coming request headers if (!$servletRequest->hasHeader(Protocol::HEADER_AUTHORIZATION)) { // send header for challenge authentication against client $servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader()); } // initialize the adapter with the current request $authenticationAdapter->init($servletRequest->getHeader(HttpProtocol::HEADER_AUTHORIZATION), $servletRequest->getMethod()); // try to authenticate the request $authenticated = $authenticationAdapter->authenticate(); if (!$authenticated) { // send header for challenge authentication against client $servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader()); } return $authenticated; } } // we did not find an adapter for that URI pattern, no authentication required then return true; }
/** * Stores the data of the passed request in the also passed session. * * @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The servlet request instance * @param \AppserverIo\Psr\Servlet\Http\HttpSessionInterface $session The session instance * * @return void */ protected function saveRequest(HttpServletRequestInterface $servletRequest, HttpSessionInterface $session) { // initialize an empty instance $req = new \stdClass(); // set the data of the passed request $req->requestUri = $servletRequest->getRequestUri(); $req->method = $servletRequest->getMethod(); $req->queryString = $servletRequest->getQueryString(); $req->documentRoot = $servletRequest->getDocumentRoot(); $req->serverName = $servletRequest->getServerName(); $req->bodyContent = $servletRequest->getBodyContent(); $req->cookies = $servletRequest->getCookies(); $req->headers = $servletRequest->getHeaders(); $req->principal = $servletRequest->getUserPrincipal(); $req->requestUrl = $servletRequest->getRequestUrl(); // store the data in the session $session->putData(Constants::FORM_REQUEST, $req); }
/** * Returns the array with the $_GET vars. * * @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The request instance * * @return array The $_GET vars */ protected function initGetGlobals(HttpServletRequestInterface $servletRequest) { // check post type and set params to globals if ($servletRequest->getMethod() == Protocol::METHOD_POST) { parse_str($servletRequest->getQueryString(), $parameterMap); } else { $parameterMap = $servletRequest->getParameterMap(); } return $parameterMap; }