protected function _httpAuth() { $config = array('accept_schemes' => 'digest', 'realm' => Bbx_Config::get()->site->location, 'digest_domains' => '/', 'nonce_timeout' => 3600); $adaptor = new Zend_Auth_Adapter_Http($config); $this->_resolver = new Bbx_Auth_Resolver_Db(); $adaptor->setDigestResolver($this->_resolver)->setRequest($this->getRequest())->setResponse($this->getResponse()); try { $auth = $adaptor->authenticate(); if (!$auth->isValid()) { if (isset($this->_redirect)) { $body = $this->_getRedirectBody(); } else { $body = $this->_get403Body(); } $this->getResponse()->setHttpResponseCode(401)->setBody($body)->sendResponse(); exit; } return $auth->isValid(); } catch (Exception $e) { Bbx_Log::write('Exception during authentication: ' . $e->getMessage()); throw new Bbx_Controller_Rest_Exception(null, 401); } }
/** * Acts like a client sending the given Authenticate header value. * * @param string $clientHeader Authenticate header value * @param string $scheme Which authentication scheme to use * @return array Containing the result, the response headers, and the status */ public function _doAuth($clientHeader, $scheme) { // Set up stub request and response objects $request = $this->getMock('Zend_Controller_Request_Http'); $response = new Zend_Controller_Response_Http(); $response->setHttpResponseCode(200); $response->headersSentThrowsException = false; // Set stub method return values $request->expects($this->any())->method('getRequestUri')->will($this->returnValue('/')); $request->expects($this->any())->method('getMethod')->will($this->returnValue('GET')); $request->expects($this->any())->method('getServer')->will($this->returnValue('PHPUnit')); $request->expects($this->any())->method('getHeader')->will($this->returnValue($clientHeader)); // Select an Authentication scheme switch ($scheme) { case 'basic': $use = $this->_basicConfig; break; case 'digest': $use = $this->_digestConfig; break; case 'both': default: $use = $this->_bothConfig; } // Create the HTTP Auth adapter $a = new Zend_Auth_Adapter_Http($use); $a->setBasicResolver($this->_basicResolver); $a->setDigestResolver($this->_digestResolver); // Send the authentication request $a->setRequest($request); $a->setResponse($response); $result = $a->authenticate(); $return = array('result' => $result, 'status' => $response->getHttpResponseCode(), 'headers' => $response->getHeaders()); return $return; }
public function testUnsupportedScheme() { $response = $this->getMock('Zend_Controller_Response_Http'); $request = $this->getMock('Zend_Controller_Request_Http'); $request->expects($this->any())->method('getHeader')->will($this->returnValue('NotSupportedScheme <followed by a space caracter')); $a = new Zend_Auth_Adapter_Http($this->_digestConfig); $a->setDigestResolver($this->_digestResolver)->setRequest($request)->setResponse($response); $result = $a->authenticate(); $this->assertEquals($result->getCode(), Zend_Auth_Result::FAILURE_UNCATEGORIZED); }
public function preDispatch() { $this->_startTime = microtime(true); // use plain text error reporting ini_set('html_errors', 0); // login procedure // can handler digest or basic authentication but won't send // WWW-Authenticate header challenging clients to use those. // Instead will have the client as a anonymous user ('default') unless // they authenticate with basic, digest or create a session // get the Authorization header for checking header based authentication // methods such as basic and digest $headerAuthType = strtolower(strstr(strstr($this->getRequest()->getHeader('Authorization'), 'Authorization: '), ' ', true)); // set up auth adapter, check if basic, or digest are appropriate, if // not use session based if ('basic' == $headerAuthType) { // start up basic auth if requested $config = array( 'accept_schemes' => 'basic', 'realm' => 'App', 'digest_domains' => '/', 'nonce_timeout' => 3600, ); $authAdapter = new Zend_Auth_Adapter_Http($config); $basicResolver = new Rest_Auth_Adapter_Http_Resolver_RestDb('basic'); $authAdapter->setBasicResolver($basicResolver); $authAdapter->setRequest($this->getRequest()); $authAdapter->setResponse($this->getResponse()); } elseif ('digest' == $headerAuthType) { // start up digest auth if requested $config = array( 'accept_schemes' => 'digest', 'realm' => 'App', 'digest_domains' => '/', 'nonce_timeout' => 3600, ); $authAdapter = new Zend_Auth_Adapter_Http($config); $digestResolver = new Rest_Auth_Adapter_Http_Resolver_RestDb('digest'); $authAdapter->setDigestResolver($digestResolver); $authAdapter->setRequest($this->getRequest()); $authAdapter->setResponse($this->getResponse()); } else { // use session authentication, note that session authentication will // never result in inValid because if a session doesn't exist, a // session for a default user will be created // note: session credentials are set up by posting to a session // resource $authAdapter = new Rest_Auth_Adapter_RestSessionDb(); } require_once 'Zend/Auth.php'; $result = Zend_Auth::getInstance()->authenticate($authAdapter); // if a client has invalid credentials with a basic or digest // authentication, the Zend_Auth_Adapter_Http will challenge them on it if (!$result->isValid()) { // Bad userame/password, or canceled password prompt // Authentication failed; print the reasons why $this->getResponse()->setHttpResponseCode(401); $this->view->data = $result->getMessages(); // cancel the action but post dispatch will be executed $this->setCancelAction(true); return; } if ('Basic' == $headerAuthType || 'Digest' == $headerAuthType) { require_once 'models/Handler/Session.php'; $handler = new Default_Model_Handler_Session(); $handler->post(array('user_id' => $result->getIdentity()->id)); } }
/** * Initiate shopware auth resource * database adapter by default * * @param Enlight_Event_EventArgs $args * @return null|\Zend_Auth */ public function onInitResourceAuth(Enlight_Event_EventArgs $args) { if (!$this->isApiCall) { return; } $adapter = new Zend_Auth_Adapter_Http(array('accept_schemes' => 'digest', 'realm' => 'Shopware4 REST-API', 'digest_domains' => '/', 'nonce_timeout' => 3600)); $adapter->setDigestResolver(new \ShopwarePlugins\RestApi\Components\StaticResolver($this->get('models'))); $adapter->setRequest($this->request); $adapter->setResponse($this->response); $resource = Shopware_Components_Auth::getInstance(); $storage = new Zend_Auth_Storage_NonPersistent(); $resource->setBaseAdapter($adapter); $resource->addAdapter($adapter); $resource->setStorage($storage); return $resource; }