/** * When this method is called, the backend must check if authentication was * successful. * * The returned value must be one of the following * * [true, "principals/username"] * [false, "reason for failure"] * * If authentication was successful, it's expected that the authentication * backend returns a so-called principal url. * * Examples of a principal url: * * principals/admin * principals/user1 * principals/users/joe * principals/uid/123457 * * If you don't use WebDAV ACL (RFC3744) we recommend that you simply * return a string such as: * * principals/users/[username] * * @param RequestInterface $request * @param ResponseInterface $response * @return array */ function check(RequestInterface $request, ResponseInterface $response) { $auth = new HTTP\Auth\Bearer($this->realm, $request, $response); $bearerToken = $auth->getToken($request); if (!$bearerToken) { return [false, "No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured"]; } $principalUrl = $this->validateBearerToken($bearerToken); if (!$principalUrl) { return [false, "Bearer token was incorrect"]; } return [true, $principalUrl]; }
function testGetCredentialsNotBearer() { $request = new Request('GET', '/', ['Authorization' => 'QBearer 12345']); $bearer = new Bearer('Dagger', $request, new Response()); $this->assertNull($bearer->getToken($request)); }