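/**
 * Enforces HTTP Digest authentication for the current request.
 *
 * The expected realm, user name and password come from the AUTH_REALM,
 * AUTH_USER and AUTH_PASS constants. The Authorization data returned by
 * getDigest() is parsed with digestParse(), the expected response hash is
 * recomputed, and requireLogin() is called when the header is absent,
 * incomplete or does not match.
 *
 * NOTE(review): if any of the three constants is undefined or empty the
 * function returns without challenging the client, so an unconfigured
 * deployment is left unauthenticated (fail-open). Kept as-is because callers
 * may rely on it; confirm this is intended.
 *
 * NOTE(review): the nonce sent back by the client is never compared with one
 * issued by the server, and 'uri' / 'qop' are not checked against the actual
 * request, so this check on its own does not stop a captured Authorization
 * header from being replayed. uniqid() is also derived from the clock and is
 * not an unpredictable value.
 *
 * NOTE(review): presumably requireLogin() sends the 401 challenge and
 * terminates the request; this function does nothing else to stop the
 * caller from continuing - verify against its definition.
 *
 * @return void
 */
function force_login()
{
    $realm = defined('AUTH_REALM') ? AUTH_REALM : null;
    $validUser = defined('AUTH_USER') ? AUTH_USER : null;
    $validPass = defined('AUTH_PASS') ? AUTH_PASS : null;

    if (empty($realm) || empty($validUser) || empty($validPass)) {
        return;
    }

    // Just a random id, offered to the client in the next challenge
    $nonce = uniqid();

    // Get the digest from the http header
    $digest = getDigest();

    // If there was no digest, show login
    if (is_null($digest)) {
        requireLogin($realm, $nonce);

        return;
    }

    $digestParts = digestParse($digest);

    // Only compute the expected response when every field it needs is
    // present; a failed or partial parse is treated as a failed login
    // instead of being hashed as empty strings.
    $responseOk = false;
    if (is_array($digestParts)) {
        $complete = true;
        foreach (['uri', 'nonce', 'nc', 'cnonce', 'qop', 'response'] as $field) {
            if (!isset($digestParts[$field]) || !is_scalar($digestParts[$field])) {
                $complete = false;
                break;
            }
        }

        if ($complete) {
            // Based on all the info we gathered we can figure out what the response should be
            $A1 = md5("{$validUser}:{$realm}:{$validPass}");
            $A2 = md5("{$_SERVER['REQUEST_METHOD']}:{$digestParts['uri']}");
            $validResponse = md5("{$A1}:{$digestParts['nonce']}:{$digestParts['nc']}:{$digestParts['cnonce']}:{$digestParts['qop']}:{$A2}");

            // hash_equals() compares as strings and in constant time; the
            // previous loose != treats numeric-looking hex strings such as
            // "0e..." as numbers.
            $responseOk = hash_equals($validResponse, (string) $digestParts['response']);
        }
    }

    if (!$responseOk) {
        requireLogin($realm, $nonce);
    }
}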
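<?php
/* For licensing terms, see /license.txt */
/**
 * @package chamilo.webservices
 */

// Stand-alone HTTP Digest check: challenges the client until the Authorization
// data matches the expected user/password, then prints a fixed token and stops.
//
// NOTE(review): the nonce returned by the client is not compared with one
// issued by the server, so a captured Authorization header can be replayed.
// NOTE(review): presumably requireLogin() sends the 401 challenge and
// terminates the request - verify against its definition.

$realm = 'The batcave';

// NOTE(review): credentials are literals in the source (shown masked here);
// consider loading them from configuration kept out of version control.
$validUser = '******';
$validPass = '******';

// Just a random id
$nonce = uniqid();

// Get the digest from the http header
$digest = getDigest();

// If there was no digest, show login
if (is_null($digest)) {
    requireLogin($realm, $nonce);
}

$digestParts = digestParse($digest);

// A failed or partial parse counts as a failed login instead of being hashed
// as empty strings.
$responseOk = false;
if (is_array($digestParts)) {
    $complete = true;
    foreach (['uri', 'nonce', 'nc', 'cnonce', 'qop', 'response'] as $field) {
        if (!isset($digestParts[$field]) || !is_scalar($digestParts[$field])) {
            $complete = false;
            break;
        }
    }

    if ($complete) {
        // Based on all the info we gathered we can figure out what the response should be.
        // A1 is built from $validUser: building it from the client-supplied
        // username left $validUser unused, so any user name was accepted as
        // long as the password matched.
        $A1 = md5("{$validUser}:{$realm}:{$validPass}");
        $A2 = md5("{$_SERVER['REQUEST_METHOD']}:{$digestParts['uri']}");
        $validResponse = md5("{$A1}:{$digestParts['nonce']}:{$digestParts['nc']}:{$digestParts['cnonce']}:{$digestParts['qop']}:{$A2}");

        // hash_equals() compares as strings and in constant time; loose !=
        // treats numeric-looking hex strings such as "0e..." as numbers.
        $responseOk = hash_equals($validResponse, (string) $digestParts['response']);
    }
}

if (!$responseOk) {
    requireLogin($realm, $nonce);
} else {
    // We're in!
    echo 'a7532ae474e5e66a0c16eddab02e02a7';
    die;
}

// This function returns the digest string
// function getDigest()   (the definition is cut off at this point in the listing)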
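/**
 * Checks the current request's HTTP Basic or Digest credentials against a
 * precomputed A1 hash.
 *
 * When the request carries no credentials for the selected scheme, a
 * WWW-Authenticate challenge and a 401 status are sent, 'AUTHORIZATION FAILED'
 * is printed and the script terminates. Otherwise the function reports
 * whether the credentials match.
 *
 * NOTE(review): in the Digest branch the nonce returned by the client is not
 * compared with one issued by the server, and 'uri' / 'qop' are not checked
 * against the actual request, so a captured Authorization header can be
 * replayed. uniqid() is derived from the clock and is not unpredictable.
 *
 * @param string $realm    Realm announced in the challenge and used in the Basic hash.
 * @param string $A1       Expected md5("user:realm:password") value.
 * @param string $authtype 'basic' selects Basic; any other value selects Digest.
 *
 * @return bool True when the supplied credentials match $A1.
 */
function digestVerify($realm, $A1, $authtype)
{
    if ($authtype == 'basic') {
        if (!isset($_SERVER['PHP_AUTH_USER'])) {
            header('WWW-Authenticate: Basic realm="' . $realm . '"');
            header('HTTP/1.1 401 Unauthorized');
            echo 'AUTHORIZATION FAILED';
            die;
        }

        // A user name can arrive without a password; treat that as an empty
        // password instead of reading an undefined index.
        $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
        $candidate = md5($_SERVER['PHP_AUTH_USER'] . ':' . $realm . ':' . $password);

        // Constant-time comparison of the stored hash with the one derived
        // from the request; a non-string $A1 can never match.
        return is_string($A1) && hash_equals($A1, $candidate);
    }

    $nonce = uniqid();
    $digest = getDigest($authtype);

    if (!$digest) {
        header('WWW-Authenticate: Digest realm="' . $realm . '",qop="auth",nonce="' . $nonce . '",opaque="' . md5($realm) . '"');
        header('HTTP/1.1 401 Unauthorized');
        echo 'AUTHORIZATION FAILED';
        die;
    }

    $digestParts = digestParse($digest, $authtype);

    // A failed or partial parse is a failed verification, not a hash over
    // empty strings.
    if (!is_array($digestParts)) {
        return false;
    }
    foreach (['uri', 'nonce', 'nc', 'cnonce', 'qop', 'response'] as $field) {
        if (!isset($digestParts[$field]) || !is_string($digestParts[$field])) {
            return false;
        }
    }

    $A2 = md5("{$_SERVER['REQUEST_METHOD']}:{$digestParts['uri']}");
    $validResponse = md5("{$A1}:{$digestParts['nonce']}:{$digestParts['nc']}:{$digestParts['cnonce']}:{$digestParts['qop']}:{$A2}");

    return hash_equals($validResponse, $digestParts['response']);
}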