ecommun / owncloud_ynh

Blame view

sources/3rdparty/Sabre/DAV/Auth/Backend/AbstractDigest.php 2.89 KB
edit raw normal view history
03e52840d   Kload   Init 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
  <?php
  
  /**
   * HTTP Digest authentication backend class
   *
   * This class can be used by authentication objects wishing to use HTTP Digest
   * Most of the digest logic is handled, implementors just need to worry about
   * the getDigestHash method
   *
   * @package Sabre
   * @subpackage DAV
   * @copyright Copyright (C) 2007-2013 Rooftop Solutions. All rights reserved.
   * @author Evert Pot (http://www.rooftopsolutions.nl/) 
   * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
   */
  abstract class Sabre_DAV_Auth_Backend_AbstractDigest implements Sabre_DAV_Auth_IBackend {
  
      /**
       * This variable holds the currently logged in username.
       *
       * @var array|null
       */
      protected $currentUser;
  
      /**
       * Returns a users digest hash based on the username and realm.
       *
       * If the user was not known, null must be returned.
       *
       * @param string $realm
       * @param string $username
       * @return string|null
       */
      abstract public function getDigestHash($realm, $username);
  
      /**
       * Authenticates the user based on the current request.
       *
       * If authentication is successful, true must be returned.
       * If authentication fails, an exception must be thrown.
       *
       * @param Sabre_DAV_Server $server
       * @param string $realm
       * @throws Sabre_DAV_Exception_NotAuthenticated
       * @return bool
       */
      public function authenticate(Sabre_DAV_Server $server, $realm) {
  
          $digest = new Sabre_HTTP_DigestAuth();
  
          // Hooking up request and response objects
          $digest->setHTTPRequest($server->httpRequest);
          $digest->setHTTPResponse($server->httpResponse);
  
          $digest->setRealm($realm);
          $digest->init();
  
          $username = $digest->getUsername();
  
          // No username was given
          if (!$username) {
              $digest->requireLogin();
              throw new Sabre_DAV_Exception_NotAuthenticated('No digest authentication headers were found');
          }
  
          $hash = $this->getDigestHash($realm, $username);
          // If this was false, the user account didn't exist
          if ($hash===false || is_null($hash)) {
              $digest->requireLogin();
              throw new Sabre_DAV_Exception_NotAuthenticated('The supplied username was not on file');
          }
          if (!is_string($hash)) {
              throw new Sabre_DAV_Exception('The returned value from getDigestHash must be a string or null');
          }
  
          // If this was false, the password or part of the hash was incorrect.
          if (!$digest->validateA1($hash)) {
              $digest->requireLogin();
              throw new Sabre_DAV_Exception_NotAuthenticated('Incorrect username');
          }
  
          $this->currentUser = $username;
          return true;
  
      }
  
      /**
       * Returns the currently logged in username.
       *
       * @return string|null
       */
      public function getCurrentUser() {
  
          return $this->currentUser;
  
      }
  
  }