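<?php

namespace Sabre\HTTP\Auth;

/**
 * HTTP Bearer authentication utility.
 *
 * This class helps you set up bearer auth. The process is fairly simple:
 *
 * 1. Instantiate the class.
 * 2. Call getToken (this will return null or a token as string)
 * 3. If you didn't get a valid token, call 'requireLogin'
 *
 * This class only extracts the credential from the Authorization header. It
 * does not verify the token in any way: checking signature, expiry, audience
 * and revocation is entirely the caller's job, and a non-null return value
 * from getToken() must never be treated as proof of authentication.
 *
 * @copyright Copyright (C) 2009-2015 fruux GmbH (https://fruux.com/).
 * @author François Kooman (fkooman@tuxed.net)
 * @license http://sabre.io/license/ Modified BSD License
 */
class Bearer extends AbstractAuth {

    /**
     * This method returns a string with an access token.
     *
     * The token is read from the request's Authorization header. The scheme
     * name is matched case-insensitively and must be followed by a single
     * space; everything after that space is returned verbatim and
     * unvalidated.
     *
     * If no token was found, this method returns null. That covers a missing
     * header, a different authentication scheme, and a header that names the
     * Bearer scheme but carries no credential after it.
     *
     * @return null|string
     */
    public function getToken() {

        $auth = $this->request->getHeader('Authorization');

        if (!$auth) {
            return null;
        }

        if (strtolower(substr($auth, 0, 7)) !== 'bearer ') {
            return null;
        }

        $token = substr($auth, 7);

        // A header of exactly "Bearer " has nothing after the scheme. substr()
        // yields '' here (or false on old PHP versions); neither is a token,
        // so report "not found" instead of handing an empty credential to the
        // caller's validation code.
        if ($token === false || $token === '') {
            return null;
        }

        return $token;

    }

    /**
     * This method sends the needed HTTP header and statuscode (401) to force
     * authentication.
     *
     * @return void
     */
    public function requireLogin() {

        // NOTE(review): the realm is concatenated verbatim into a quoted
        // string. A realm containing a double quote or a line break would
        // yield a malformed header, so it should be a fixed application value,
        // never derived from request data. Presumably it is set by
        // AbstractAuth; confirm against the parent class.
        $this->response->addHeader('WWW-Authenticate', 'Bearer realm="' . $this->realm . '"');
        $this->response->setStatus(401);

    }

}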