/**
 * Responds to a request that reached a protected action without authentication.
 *
 * The last configured authenticator is asked first, through its
 * `unauthenticated()` method. Any non-null value it returns is passed straight
 * back to the caller. Otherwise the current URL is remembered as the post-login
 * redirect target and one of three things happens:
 *
 * - non-AJAX request: the `authError` flash message is set and the user is
 *   redirected to `loginAction`;
 * - AJAX request with `ajaxLogin` configured: that element is rendered and
 *   sent with a 403 status;
 * - AJAX request without `ajaxLogin`: the component's response is returned
 *   with a 403 status.
 *
 * @param \Cake\Controller\Controller $controller A reference to the controller object.
 * @return \Cake\Network\Response|null The authenticator's non-null result, the
 *   result of Controller::redirect(), or a response carrying status 403.
 */
protected function _unauthenticated(Controller $controller)
{
    if (empty($this->_authenticateObjects)) {
        $this->constructAuthenticate();
    }

    // Only the last authenticator in the chain gets to handle the failure.
    $lastAuthenticator = end($this->_authenticateObjects);
    $handled = $lastAuthenticator->unauthenticated($this->request, $this->response);
    if ($handled !== null) {
        return $handled;
    }

    // The stored redirect target is the current request's own URL as reported
    // by here(false); nothing in this method reads it from a request parameter.
    if (!$this->storage()->redirectUrl()) {
        $this->storage()->redirectUrl($this->request->here(false));
    }

    if ($controller->request->is('ajax')) {
        if (!empty($this->_config['ajaxLogin'])) {
            $controller->viewBuilder()->templatePath('Element');
            $rendered = $controller->render(
                $this->_config['ajaxLogin'],
                $this->RequestHandler->ajaxLayout
            );
            $rendered->statusCode(403);

            return $rendered;
        }

        $this->response->statusCode(403);

        return $this->response;
    }

    $this->flash($this->_config['authError']);
    // This overwrites whatever redirect URL was stored, including the value
    // set a few lines above, with the controller request's current URL.
    $this->storage()->redirectUrl($controller->request->here(false));

    return $controller->redirect($this->_config['loginAction']);
}
/**
 * Adds request metadata (client IP, URL and user) to every audit log passed in.
 *
 * The metadata is merged with the array union operator, so a key that is
 * already present in a log's meta info keeps its existing value.
 *
 * @param Event $event The AuditStash.beforeLog event
 * @param array $logs The audit log event objects
 * @return void
 */
public function beforeLog(Event $event, array $logs)
{
    // NOTE(review): whether clientIp() can be influenced by proxy headers
    // depends on how the request object is configured, which is not visible
    // here. Confirm that before treating the recorded 'ip' as evidence.
    $requestInfo = [
        'ip' => $this->request->clientIp(),
        'url' => $this->request->here(),
        'user' => $this->user,
    ];

    foreach ($logs as $entry) {
        $existing = $entry->getMetaInfo();
        $entry->setMetaInfo($existing + $requestInfo);
    }
}
/**
 * {@inheritDoc}
 *
 * Reads the `Authorization` header, expected in the form
 * `<type> <wsId>,<param>,<param>`, and asks the remote validation service
 * whether the credentials are valid. Nothing is verified locally: the digest
 * and timestamp (or nonce) are forwarded as received.
 *
 * Returns `false` when the header is missing or malformed, the type is not
 * one of the three supported ones, the service call fails, or the decoded
 * reply has no `netId`. Otherwise returns the decoded reply with `username`
 * set to the `netId` value.
 */
public function getUser(Request $request)
{
    $header = $request->header('Authorization');
    if (empty($header) && function_exists('apache_request_headers')) {
        // Fall back to Apache's own view of the headers when the request
        // object does not expose Authorization.
        $apacheHeaders = apache_request_headers();
        $header = empty($apacheHeaders['Authorization']) ? null : $apacheHeaders['Authorization'];
    }

    if (empty($header) || strpos($header, ' ') === false) {
        return false;
    }

    list($authType, $authString) = explode(' ', $header, 2);
    $parts = explode(',', $authString);
    if (count($parts) < 3) {
        return false;
    }

    // Allow-list on the lower-cased type: anything else is rejected before
    // any outbound call is made.
    $scheme = strtolower($authType);
    if ($scheme === 'url-encoded-api-key') {
        // NOTE(review): the message handed to the validator is built from
        // Router::fullBaseUrl(). If that value is derived from the request's
        // Host header rather than fixed configuration, part of the message is
        // client-influenced. Confirm the application pins it.
        $postFields = [
            'messageDigest' => $parts[1],
            'timestamp' => $parts[2],
            'message' => Router::fullBaseUrl() . $request->here(),
        ];
    } elseif ($scheme === 'nonce-encoded-api-key' || $scheme === 'nonce-encoded-wssession-key') {
        $postFields = [
            'nonceKey' => $parts[1],
            'messageDigest' => $parts[2],
        ];
    } else {
        // Unknown auth type.
        return false;
    }
    $postFields['wsId'] = $parts[0];

    // $authType goes into the URL with the client's original casing; because
    // of the allow-list above it can only be a case variant of a supported name.
    // NOTE(review): the authentication decision rests entirely on this HTTPS
    // reply; certificate verification depends on how client() is configured,
    // which is not visible here.
    $result = $this->client()->post("https://ws.byu.edu/authentication/services/rest/v1/provider/{$authType}/validate", $postFields);
    if (!$result || !$result->isOk()) {
        return false;
    }

    $identity = json_decode($result->body(), true);
    if (empty($identity['netId'])) {
        return false;
    }
    $identity['username'] = $identity['netId'];

    return $identity;
}
/**
 * Checks that here() returns a percent-encoded space unchanged when `$_GET`
 * holds the same path as a key with the space replaced by an underscore.
 *
 * @return void
 */
public function testHereWithSpaceInUrl()
{
    $encodedPath = '/admin/settings/settings/prefix/Access%20Control';

    Configure::write('App.base', '');
    // NOTE(review): $_GET is overwritten and not restored in this method;
    // presumably the test case's teardown resets it. Confirm.
    $_GET = ['/admin/settings/settings/prefix/Access_Control' => ''];

    $request = new Request($encodedPath);

    $this->assertEquals($encodedPath, $request->here());
}
/**
 * Checks here() with and without the base path, including a URL whose own
 * path contains a segment equal to the base path.
 *
 * @return void
 */
public function testHere()
{
    Configure::write('App.base', '/base_path');

    $query = ['test' => 'value'];
    $request = new Request([
        'query' => $query,
        'url' => '/posts/add/1/value',
        'base' => '/base_path',
    ]);
    // Default call includes the base path; here(false) leaves it out.
    $this->assertEquals('/base_path/posts/add/1/value?test=value', $request->here());
    $this->assertEquals('/posts/add/1/value?test=value', $request->here(false));

    // A "base_path" segment inside the URL itself must be kept either way.
    $request = new Request([
        'url' => '/posts/base_path/1/value',
        'query' => ['test' => 'value'],
        'base' => '/base_path',
    ]);
    $this->assertEquals('/base_path/posts/base_path/1/value?test=value', $request->here());
    $this->assertEquals('/posts/base_path/1/value?test=value', $request->here(false));
}
/**
 * Builds the request-context lines appended to an error/exception trace.
 *
 * Always includes the request URL. The referer is added when one is present,
 * and the client IP when it is non-empty and not the IPv6 loopback `::1`.
 *
 * The URL and referer come from the client and are appended verbatim, so
 * anything that displays or parses the resulting log text should treat these
 * lines as untrusted input.
 *
 * @param \Cake\Network\Request $request The request to read from.
 * @return string
 */
protected function _requestContext($request)
{
    $parts = ["\nRequest URL: " . $request->here()];

    $referer = $request->env('HTTP_REFERER');
    if ($referer) {
        $parts[] = "\nReferer URL: " . $referer;
    }

    $ip = $request->clientIp();
    // Only the literal '::1' is skipped; other loopback forms are still logged.
    if ($ip && $ip !== '::1') {
        $parts[] = "\nClient IP: " . $ip;
    }

    return implode('', $parts);
}