/**
* This method is called when a user could not be authenticated, and
* authentication was required for the current request.
*
* This gives you the opportunity to set authentication headers. The 401
* status code will already be set.
*
* In this case of Basic Auth, this would for example mean that the
* following header needs to be set:
*
* $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
*
* Keep in mind that in the case of multiple authentication backends, other
* WWW-Authenticate headers may already have been set, and you'll want to
* append your own WWW-Authenticate header instead of overwriting the
* existing one.
*
* @param RequestInterface $request
* @param ResponseInterface $response
* @return void
*/
function challenge(RequestInterface $request, ResponseInterface $response)
{
$auth = new HTTP\Auth\Digest($this->realm, $request, $response);
$auth->init();
$oldStatus = $response->getStatus() ?: 200;
$auth->requireLogin();
// Preventing the digest utility from modifying the http status code,
// this should be handled by the main plugin.
$response->setStatus($oldStatus);
}
