/**
 * Answers the request with a 401 response that asks the client to authenticate via NTLM.
 *
 * If the token reports that it holds message 1 (isMessage1()), a challenge is obtained from
 * the provider, turned into a challenge message by the token, base64-encoded and sent as
 * "WWW-Authenticate: NTLM <data>". Otherwise a bare "WWW-Authenticate: NTLM" header is sent.
 *
 * NOTE(review): how the issued challenge is remembered for checking the client's follow-up
 * message is not visible in this method - confirm it is bound to the connection/context.
 *
 * @param TokenInterface $token    Must be an NtlmAuthToken.
 * @param HttpRequest    $request  Not read by this method.
 * @param HttpResponse   $response Receives the status, reason phrase and challenge header.
 *
 * @throws SecurityException When the token is not an NtlmAuthToken.
 */
public function startAuthentication(TokenInterface $token, HttpRequest $request, HttpResponse $response)
{
    if (!$token instanceof NtlmAuthToken) {
        throw new SecurityException(sprintf('Invalid token %s passed to %s', get_class($token), get_class($this)));
    }

    $unauthorized = Http::CODE_UNAUTHORIZED;
    $response->setStatus($unauthorized);
    $response->setReason(Http::getReason($unauthorized));

    // Default: no negotiation data yet, just advertise the scheme.
    $headerValue = 'NTLM';

    if ($token->isMessage1()) {
        $challenge = $this->provider->createChallenge($this->context);
        $headerValue = sprintf('NTLM %s', base64_encode($token->getChallengeMessage($challenge)));
    }

    $response->addHeader('WWW-Authenticate', $headerValue);
}
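/**
 * {@inheritdoc}
 *
 * Answers the request with a 401 response carrying a Digest challenge built from the
 * realm, qop, opaque value and a freshly created nonce; "stale=true" is appended when
 * the token reports isStale().
 *
 * String parameters are always emitted as quoted-strings, with embedded double quotes
 * and backslashes escaped. Only booleans and real int/float values are written bare, so
 * a nonce or opaque value that happens to consist of digits is still quoted.
 *
 * NOTE(review): no "algorithm" parameter is sent, so clients fall back to MD5 as the
 * scheme's default - confirm this is intended.
 * NOTE(review): the escaping does not strip CR/LF; confirm HttpResponse::addHeader()
 * rejects control characters if the realm can come from configuration.
 *
 * @throws SecurityException When the token is not an HttpDigestToken.
 */
public function startAuthentication(TokenInterface $token, HttpRequest $request, HttpResponse $response)
{
    if (!$token instanceof HttpDigestToken) {
        throw new SecurityException(sprintf('Invalid token %s passed to %s', get_class($token), get_class($this)));
    }

    $params = [
        'realm' => $this->auth->getRealm(),
        'qop' => $this->auth->getQualityOfProtection(),
        'opaque' => $this->auth->getOpaque(),
        'nonce' => $this->auth->createNonce($this->securityContext),
    ];

    if ($token->isStale()) {
        $params['stale'] = true;
    }

    $parts = [];

    foreach ($params as $name => $value) {
        if (is_bool($value)) {
            $parts[] = sprintf('%s=%s', $name, $value ? 'true' : 'false');
        } elseif (is_int($value) || is_float($value)) {
            // Only genuine numbers go unquoted; numeric-looking strings are quoted below.
            $parts[] = sprintf('%s=%s', $name, $value);
        } else {
            // quoted-string: both '"' and '\' must be backslash-escaped.
            $parts[] = sprintf('%s="%s"', $name, addcslashes(trim((string) $value), '"\\'));
        }
    }

    $response->setStatus(Http::CODE_UNAUTHORIZED);
    $response->setReason(Http::getReason(Http::CODE_UNAUTHORIZED));
    $response->addHeader('WWW-Authenticate', 'Digest ' . implode(',', $parts));
}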
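/**
 * {@inheritdoc}
 *
 * Answers the request with a 401 response carrying a Basic challenge for the configured
 * realm. The realm is written as a quoted-string, so embedded double quotes and
 * backslashes are escaped to keep the header well-formed.
 *
 * NOTE(review): Basic credentials are only base64-encoded by the client; confirm this
 * entry point is served over TLS only.
 *
 * @throws SecurityException When the token is not an HttpBasicToken.
 */
public function startAuthentication(TokenInterface $token, HttpRequest $request, HttpResponse $response)
{
    if (!$token instanceof HttpBasicToken) {
        throw new SecurityException(sprintf('Invalid token %s passed to %s', get_class($token), get_class($this)));
    }

    $response->setStatus(Http::CODE_UNAUTHORIZED);
    $response->setReason(Http::getReason(Http::CODE_UNAUTHORIZED));

    // A raw '"' in the realm would end the quoted-string early and corrupt the challenge.
    $realm = addcslashes((string) $this->auth->getRealm(), '"\\');
    $response->addHeader('WWW-Authenticate', sprintf('Basic realm="%s"', $realm));
}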