1*a1a3b679SAndreas Boehler<?php 2*a1a3b679SAndreas Boehler 3*a1a3b679SAndreas Boehlernamespace Sabre\HTTP\Auth; 4*a1a3b679SAndreas Boehler 5*a1a3b679SAndreas Boehler/** 6*a1a3b679SAndreas Boehler * HTTP Basic authentication utility. 7*a1a3b679SAndreas Boehler * 8*a1a3b679SAndreas Boehler * This class helps you setup basic auth. The process is fairly simple: 9*a1a3b679SAndreas Boehler * 10*a1a3b679SAndreas Boehler * 1. Instantiate the class. 11*a1a3b679SAndreas Boehler * 2. Call getCredentials (this will return null or a user/pass pair) 12*a1a3b679SAndreas Boehler * 3. If you didn't get valid credentials, call 'requireLogin' 13*a1a3b679SAndreas Boehler * 14*a1a3b679SAndreas Boehler * @copyright Copyright (C) 2009-2015 fruux GmbH (https://fruux.com/). 15*a1a3b679SAndreas Boehler * @author Evert Pot (http://evertpot.com/) 16*a1a3b679SAndreas Boehler * @license http://sabre.io/license/ Modified BSD License 17*a1a3b679SAndreas Boehler */ 18*a1a3b679SAndreas Boehlerclass Basic extends AbstractAuth { 19*a1a3b679SAndreas Boehler 20*a1a3b679SAndreas Boehler /** 21*a1a3b679SAndreas Boehler * This method returns a numeric array with a username and password as the 22*a1a3b679SAndreas Boehler * only elements. 23*a1a3b679SAndreas Boehler * 24*a1a3b679SAndreas Boehler * If no credentials were found, this method returns null. 25*a1a3b679SAndreas Boehler * 26*a1a3b679SAndreas Boehler * @return null|array 27*a1a3b679SAndreas Boehler */ 28*a1a3b679SAndreas Boehler function getCredentials() { 29*a1a3b679SAndreas Boehler 30*a1a3b679SAndreas Boehler $auth = $this->request->getHeader('Authorization'); 31*a1a3b679SAndreas Boehler 32*a1a3b679SAndreas Boehler if (!$auth) { 33*a1a3b679SAndreas Boehler return null; 34*a1a3b679SAndreas Boehler } 35*a1a3b679SAndreas Boehler 36*a1a3b679SAndreas Boehler if (strtolower(substr($auth, 0, 6)) !== 'basic ') { 37*a1a3b679SAndreas Boehler return null; 38*a1a3b679SAndreas Boehler } 39*a1a3b679SAndreas Boehler 40*a1a3b679SAndreas Boehler $credentials = explode(':', base64_decode(substr($auth, 6)), 2); 41*a1a3b679SAndreas Boehler 42*a1a3b679SAndreas Boehler if (2 !== count($credentials)) { 43*a1a3b679SAndreas Boehler return null; 44*a1a3b679SAndreas Boehler } 45*a1a3b679SAndreas Boehler 46*a1a3b679SAndreas Boehler return $credentials; 47*a1a3b679SAndreas Boehler 48*a1a3b679SAndreas Boehler } 49*a1a3b679SAndreas Boehler 50*a1a3b679SAndreas Boehler /** 51*a1a3b679SAndreas Boehler * This method sends the needed HTTP header and statuscode (401) to force 52*a1a3b679SAndreas Boehler * the user to login. 53*a1a3b679SAndreas Boehler * 54*a1a3b679SAndreas Boehler * @return void 55*a1a3b679SAndreas Boehler */ 56*a1a3b679SAndreas Boehler function requireLogin() { 57*a1a3b679SAndreas Boehler 58*a1a3b679SAndreas Boehler $this->response->addHeader('WWW-Authenticate', 'Basic realm="' . $this->realm . '"'); 59*a1a3b679SAndreas Boehler $this->response->setStatus(401); 60*a1a3b679SAndreas Boehler 61*a1a3b679SAndreas Boehler } 62*a1a3b679SAndreas Boehler 63*a1a3b679SAndreas Boehler} 64