__construct()
authenticate()
getBasicResolver()
getDigestResolver()
getRequest()
getResponse()
setBasicResolver()
setDigestResolver()
setRequest()
setResponse()
_basicAuth()
_basicHeader()
_calcNonce()
_calcOpaque()
_challengeClient()
_digestAuth()
_digestHeader()
_parseDigestAuth()
$acceptSchemes
$algo
$basicResolver
$digestResolver
$domains
$ieNoOpaque
$imaProxy
$nonceTimeout
$realm
$request
$response
$supportedAlgos
$supportedQops
$supportedSchemes
$useOpaque
HTTP Authentication Adapter
Implements a pretty good chunk of RFC 2617.
| todo | Support auth-int |
|---|---|
| todo | Track nonces, nonce-count, opaque for replay protection and stale support |
| todo | Support Authentication-Info header |
__construct(array $config)
arrayConfiguration settings: 'accept_schemes' => 'basic'|'digest'|'basic digest' 'realm' =>
\Zend\Authentication\Adapter\Exception\InvalidArgumentException |
|---|
authenticate() : \Zend\Authentication\Result
getBasicResolver() : \Zend\Authentication\Adapter\Http\ResolverInterface
getDigestResolver() : \Zend\Authentication\Adapter\Http\ResolverInterface
setBasicResolver(\Zend\Authentication\Adapter\Http\ResolverInterface $resolver) : \Zend\Authentication\Adapter\Http
setDigestResolver(\Zend\Authentication\Adapter\Http\ResolverInterface $resolver) : \Zend\Authentication\Adapter\Http
setRequest(\Zend\Http\Request $request) : \Zend\Authentication\Adapter\Http
\Zend\Http\Request
\Zend\Authentication\Adapter\HttpProvides a fluent interfacesetResponse(\Zend\Http\Response $response) : \Zend\Authentication\Adapter\Http
\Zend\Http\Response
\Zend\Authentication\Adapter\HttpProvides a fluent interface_basicAuth(string $header) : \Zend\Authentication\Result
stringClient's Authorization header
\Zend\Authentication\Adapter\Exception\ExceptionInterface |
|---|
_basicHeader() : string
Generates a Proxy- or WWW-Authenticate header value in the Basic authentication scheme.
stringAuthenticate header value_calcNonce() : string
stringThe nonce value_calcOpaque() : string
The opaque string can be anything; the client must return it exactly as it was sent. It may be useful to store data in this string in some applications. Ideally, a new value for this would be generated each time a WWW-Authenticate header is sent (in order to reduce predictability), but we would have to be able to create the same exact value across at least two separate requests from the same client.
stringThe opaque value_challengeClient() : \Zend\Authentication\Result
Sets a 401 or 407 Unauthorized response code, and creates the appropriate Authenticate header(s) to prompt for credentials.
\Zend\Authentication\ResultAlways returns a non-identity Auth result_digestAuth(string $header) : \Zend\Authentication\Result
stringClient's Authorization header
\Zend\Authentication\Adapter\Exception\ExceptionInterface |
|---|
\Zend\Authentication\ResultValid auth result only on successful auth_digestHeader() : string
Generates a Proxy- or WWW-Authenticate header value in the Digest authentication scheme.
stringAuthenticate header value_parseDigestAuth(string $header) : array | bool
stringClient's Authorization: HTTP header
arrayboolData elements from header, or false if any part of the header is invalid$acceptSchemes : array
$algo : string
Defaults to MD5
$basicResolver : \Zend\Authentication\Adapter\Http\ResolverInterface
$digestResolver : \Zend\Authentication\Adapter\Http\ResolverInterface
$domains : string
$ieNoOpaque : bool
$imaProxy : bool
Off by default.
$nonceTimeout : int
$realm : string
$supportedAlgos : array
I want to support both MD5 and MD5-sess, but MD5-sess won't make it into the first version.
$supportedQops : array
My intention is to support both 'auth' and 'auth-int', but 'auth-int' won't make it into the first version.
$supportedSchemes : array
$useOpaque : bool
True by default