Auth/Adapter/Http.php
Show:
inherited
inherited
Classes
Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled
with this package in the file LICENSE.txt.
It is also available through the world-wide-web at this URL:
http://framework.zend.com/license/new-bsd
If you did not receive a copy of the license and are unable to
obtain it through the world-wide-web, please send an email
to license@zend.com so we can send you a copy immediately.
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Package
- Zend_Auth
- Subpackage
- Zend_Auth_Adapter_Http
- Version
- $Id$
\Zend_Auth_Adapter_Http
Package: Zend_Auth\Zend_Auth_Adapter_Http
HTTP Authentication Adapter
Implements a pretty good chunk of RFC 2617.
- Implements
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Todo
- Support auth-int
- Todo
- Track nonces, nonce-count, opaque for replay protection and stale support
- Todo
- Support Authentication-Info header
Properties
array $_acceptSchemesList of schemes this class will accept from the client
Details
- Type
- array
string $_algoThe actual algorithm to use. Defaults to MD5
Details
- Type
- string
\Zend_Auth_Adapter_Http_Resolver_Interface $_basicResolverObject that looks up user credentials for the Basic scheme
Details
\Zend_Auth_Adapter_Http_Resolver_Interface $_digestResolverObject that looks up user credentials for the Digest scheme
Details
string $_domainsSpace-delimited list of protected domains for Digest Auth
Details
- Type
- string
boolean $_ieNoOpaqueFlag indicating the client is IE and didn't bother to return the opaque string
Details
- Type
- boolean
boolean $_imaProxyWhether or not to do Proxy Authentication instead of origin server
authentication (send 407's instead of 401's). Off by default.
Details
- Type
- boolean
integer $_nonceTimeoutNonce timeout period
Details
- Type
- integer
string $_realmThe protection realm to use
Details
- Type
- string
\Zend_Controller_Request_Http $_requestReference to the HTTP Request object
Details
\Zend_Controller_Response_Http $_responseReference to the HTTP Response object
Details
array $_supportedAlgos = array('MD5')List of the supported digest algorithms. I want to support both MD5 and
MD5-sess, but MD5-sess won't make it into the first version.
Default value
array('MD5')Details- Type
- array
array $_supportedQops = array('auth')List of supported qop options. My intetion is to support both 'auth' and
'auth-int', but 'auth-int' won't make it into the first version.
Default value
array('auth')Details- Type
- array
array $_supportedSchemes = array('basic', 'digest')List of authentication schemes supported by this class
Default value
array('basic', 'digest')Details- Type
- array
boolean $_useOpaqueWhether to send the opaque value in the header. True by default
Details
- Type
- boolean
Methods
__construct(array $config) : voidConstructor
Parameters
Throws
| Name | Type | Description |
|---|---|---|
| $config | array | Configuration settings:
'accept_schemes' => 'basic'|'digest'|'basic digest'
'realm' => |
| Exception | Description |
|---|---|
| \Zend_Auth_Adapter_Exception |
_basicAuth(string $header) : \Zend_Auth_ResultBasic Authentication
Parameters
Returns
Throws
| Name | Type | Description |
|---|---|---|
| $header | string | Client's Authorization header |
| Type | Description |
|---|---|
| \Zend_Auth_Result |
| Exception | Description |
|---|---|
| \Zend_Auth_Adapter_Exception |
_basicHeader() : stringBasic Header
Generates a Proxy- or WWW-Authenticate header value in the Basic
authentication scheme.
Returns| Type | Description |
|---|---|
| string | Authenticate header value |
_calcNonce() : stringCalculate Nonce
Returns
| Type | Description |
|---|---|
| string | The nonce value |
_calcOpaque() : stringCalculate Opaque
The opaque string can be anything; the client must return it exactly as
it was sent. It may be useful to store data in this string in some
applications. Ideally, a new value for this would be generated each time
a WWW-Authenticate header is sent (in order to reduce predictability),
but we would have to be able to create the same exact value across at
least two separate requests from the same client.
Returns| Type | Description |
|---|---|
| string | The opaque value |
_challengeClient() : \Zend_Auth_ResultChallenge Client
Sets a 401 or 407 Unauthorized response code, and creates the
appropriate Authenticate header(s) to prompt for credentials.
Returns| Type | Description |
|---|---|
| \Zend_Auth_Result | Always returns a non-identity Auth result |
_digestAuth(string $header) : \Zend_Auth_ResultDigest Authentication
Parameters
Returns
Throws
| Name | Type | Description |
|---|---|---|
| $header | string | Client's Authorization header |
| Type | Description |
|---|---|
| \Zend_Auth_Result | Valid auth result only on successful auth |
| Exception | Description |
|---|---|
| \Zend_Auth_Adapter_Exception |
_digestHeader() : stringDigest Header
Generates a Proxy- or WWW-Authenticate header value in the Digest
authentication scheme.
Returns| Type | Description |
|---|---|
| string | Authenticate header value |
_parseDigestAuth(string $header) : array | falseParse Digest Authorization header
Parameters
Returns
| Name | Type | Description |
|---|---|---|
| $header | string | Client's Authorization: HTTP header |
| Type | Description |
|---|---|
| array | false | Data elements from header, or false if any part of the header is invalid |
_secureStringCompare(string $a, string $b) : boolSecurely compare two strings for equality while avoided C level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g. password) being compared against.
Parameters
Returns
| Name | Type | Description |
|---|---|---|
| $a | string | |
| $b | string |
| Type | Description |
|---|---|
| bool |
authenticate() : \Zend_Auth_ResultAuthenticate
Returns
Throws
| Type | Description |
|---|---|
| \Zend_Auth_Result |
| Exception | Description |
|---|---|
| \Zend_Auth_Adapter_Exception |
getBasicResolver() : \Zend_Auth_Adapter_Http_Resolver_InterfaceGetter for the _basicResolver property
Returns
| Type | Description |
|---|---|
| \Zend_Auth_Adapter_Http_Resolver_Interface |
getDigestResolver() : \Zend_Auth_Adapter_Http_Resolver_InterfaceGetter for the _digestResolver property
Returns
| Type | Description |
|---|---|
| \Zend_Auth_Adapter_Http_Resolver_Interface |
getRequest() : \Zend_Controller_Request_HttpGetter for the Request object
Returns
| Type | Description |
|---|---|
| \Zend_Controller_Request_Http |
getResponse() : \Zend_Controller_Response_HttpGetter for the Response object
Returns
| Type | Description |
|---|---|
| \Zend_Controller_Response_Http |
setBasicResolver(\Zend_Auth_Adapter_Http_Resolver_Interface $resolver) : \Zend_Auth_Adapter_HttpSetter for the _basicResolver property
Parameters
Returns
| Name | Type | Description |
|---|---|---|
| $resolver | \Zend_Auth_Adapter_Http_Resolver_Interface |
| Type | Description |
|---|---|
| \Zend_Auth_Adapter_Http | Provides a fluent interface |
setDigestResolver(\Zend_Auth_Adapter_Http_Resolver_Interface $resolver) : \Zend_Auth_Adapter_HttpSetter for the _digestResolver property
Parameters
Returns
| Name | Type | Description |
|---|---|---|
| $resolver | \Zend_Auth_Adapter_Http_Resolver_Interface |
| Type | Description |
|---|---|
| \Zend_Auth_Adapter_Http | Provides a fluent interface |
setRequest(\Zend_Controller_Request_Http $request) : \Zend_Auth_Adapter_HttpSetter for the Request object
Parameters
Returns
| Name | Type | Description |
|---|---|---|
| $request | \Zend_Controller_Request_Http |
| Type | Description |
|---|---|
| \Zend_Auth_Adapter_Http | Provides a fluent interface |
setResponse(\Zend_Controller_Response_Http $response) : \Zend_Auth_Adapter_HttpSetter for the Response object
Parameters
Returns
| Name | Type | Description |
|---|---|---|
| $response | \Zend_Controller_Response_Http |
| Type | Description |
|---|---|
| \Zend_Auth_Adapter_Http | Provides a fluent interface |