protected function _httpAuth()
{
$config = array('accept_schemes' => 'digest', 'realm' => Bbx_Config::get()->site->location, 'digest_domains' => '/', 'nonce_timeout' => 3600);
$adaptor = new Zend_Auth_Adapter_Http($config);
$this->_resolver = new Bbx_Auth_Resolver_Db();
$adaptor->setDigestResolver($this->_resolver)->setRequest($this->getRequest())->setResponse($this->getResponse());
try {
$auth = $adaptor->authenticate();
if (!$auth->isValid()) {
if (isset($this->_redirect)) {
$body = $this->_getRedirectBody();
} else {
$body = $this->_get403Body();
}
$this->getResponse()->setHttpResponseCode(401)->setBody($body)->sendResponse();
exit;
}
return $auth->isValid();
} catch (Exception $e) {
Bbx_Log::write('Exception during authentication: ' . $e->getMessage());
throw new Bbx_Controller_Rest_Exception(null, 401);
}
}
/**
* Acts like a client sending the given Authenticate header value.
*
* @param string $clientHeader Authenticate header value
* @param string $scheme Which authentication scheme to use
* @return array Containing the result, the response headers, and the status
*/
public function _doAuth($clientHeader, $scheme)
{
// Set up stub request and response objects
$request = $this->getMock('Zend_Controller_Request_Http');
$response = new Zend_Controller_Response_Http();
$response->setHttpResponseCode(200);
$response->headersSentThrowsException = false;
// Set stub method return values
$request->expects($this->any())->method('getRequestUri')->will($this->returnValue('/'));
$request->expects($this->any())->method('getMethod')->will($this->returnValue('GET'));
$request->expects($this->any())->method('getServer')->will($this->returnValue('PHPUnit'));
$request->expects($this->any())->method('getHeader')->will($this->returnValue($clientHeader));
// Select an Authentication scheme
switch ($scheme) {
case 'basic':
$use = $this->_basicConfig;
break;
case 'digest':
$use = $this->_digestConfig;
break;
case 'both':
default:
$use = $this->_bothConfig;
}
// Create the HTTP Auth adapter
$a = new Zend_Auth_Adapter_Http($use);
$a->setBasicResolver($this->_basicResolver);
$a->setDigestResolver($this->_digestResolver);
// Send the authentication request
$a->setRequest($request);
$a->setResponse($response);
$result = $a->authenticate();
$return = array('result' => $result, 'status' => $response->getHttpResponseCode(), 'headers' => $response->getHeaders());
return $return;
}
public function testUnsupportedScheme()
{
$response = $this->getMock('Zend_Controller_Response_Http');
$request = $this->getMock('Zend_Controller_Request_Http');
$request->expects($this->any())->method('getHeader')->will($this->returnValue('NotSupportedScheme <followed by a space caracter'));
$a = new Zend_Auth_Adapter_Http($this->_digestConfig);
$a->setDigestResolver($this->_digestResolver)->setRequest($request)->setResponse($response);
$result = $a->authenticate();
$this->assertEquals($result->getCode(), Zend_Auth_Result::FAILURE_UNCATEGORIZED);
}
public function preDispatch()
{
$this->_startTime = microtime(true);
// use plain text error reporting
ini_set('html_errors', 0);
// login procedure
// can handler digest or basic authentication but won't send
// WWW-Authenticate header challenging clients to use those.
// Instead will have the client as a anonymous user ('default') unless
// they authenticate with basic, digest or create a session
// get the Authorization header for checking header based authentication
// methods such as basic and digest
$headerAuthType = strtolower(strstr(strstr($this->getRequest()->getHeader('Authorization'), 'Authorization: '), ' ', true));
// set up auth adapter, check if basic, or digest are appropriate, if
// not use session based
if ('basic' == $headerAuthType) {
// start up basic auth if requested
$config = array(
'accept_schemes' => 'basic',
'realm' => 'App',
'digest_domains' => '/',
'nonce_timeout' => 3600,
);
$authAdapter = new Zend_Auth_Adapter_Http($config);
$basicResolver = new Rest_Auth_Adapter_Http_Resolver_RestDb('basic');
$authAdapter->setBasicResolver($basicResolver);
$authAdapter->setRequest($this->getRequest());
$authAdapter->setResponse($this->getResponse());
} elseif ('digest' == $headerAuthType) {
// start up digest auth if requested
$config = array(
'accept_schemes' => 'digest',
'realm' => 'App',
'digest_domains' => '/',
'nonce_timeout' => 3600,
);
$authAdapter = new Zend_Auth_Adapter_Http($config);
$digestResolver = new Rest_Auth_Adapter_Http_Resolver_RestDb('digest');
$authAdapter->setDigestResolver($digestResolver);
$authAdapter->setRequest($this->getRequest());
$authAdapter->setResponse($this->getResponse());
} else {
// use session authentication, note that session authentication will
// never result in inValid because if a session doesn't exist, a
// session for a default user will be created
// note: session credentials are set up by posting to a session
// resource
$authAdapter = new Rest_Auth_Adapter_RestSessionDb();
}
require_once 'Zend/Auth.php';
$result = Zend_Auth::getInstance()->authenticate($authAdapter);
// if a client has invalid credentials with a basic or digest
// authentication, the Zend_Auth_Adapter_Http will challenge them on it
if (!$result->isValid()) {
// Bad userame/password, or canceled password prompt
// Authentication failed; print the reasons why
$this->getResponse()->setHttpResponseCode(401);
$this->view->data = $result->getMessages();
// cancel the action but post dispatch will be executed
$this->setCancelAction(true);
return;
}
if ('Basic' == $headerAuthType || 'Digest' == $headerAuthType) {
require_once 'models/Handler/Session.php';
$handler = new Default_Model_Handler_Session();
$handler->post(array('user_id' => $result->getIdentity()->id));
}
}
/**
* Initiate shopware auth resource
* database adapter by default
*
* @param Enlight_Event_EventArgs $args
* @return null|\Zend_Auth
*/
public function onInitResourceAuth(Enlight_Event_EventArgs $args)
{
if (!$this->isApiCall) {
return;
}
$adapter = new Zend_Auth_Adapter_Http(array('accept_schemes' => 'digest', 'realm' => 'Shopware4 REST-API', 'digest_domains' => '/', 'nonce_timeout' => 3600));
$adapter->setDigestResolver(new \ShopwarePlugins\RestApi\Components\StaticResolver($this->get('models')));
$adapter->setRequest($this->request);
$adapter->setResponse($this->response);
$resource = Shopware_Components_Auth::getInstance();
$storage = new Zend_Auth_Storage_NonPersistent();
$resource->setBaseAdapter($adapter);
$resource->addAdapter($adapter);
$resource->setStorage($storage);
return $resource;
}
