<?php
# @charset utf-8
/**
* Implements Basic HTTP Authentication
*
* @author David Naber <kontakt@dnaber.de>
*/
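if ( ! class_exists( 'HTTP_Auth' ) ) {

	/**
	 * Reads HTTP Basic credentials from the current request and can send the
	 * 401 challenge.
	 *
	 * This class only extracts what the client sent, it does not verify it.
	 * The caller has to compare the result of get_user() against its own
	 * credential store (preferably with password_verify() or hash_equals())
	 * and call auth_required() when the comparison fails.
	 *
	 * Basic credentials are only base64-encoded, not encrypted, so the
	 * protected area should be served over TLS.
	 */
	class HTTP_Auth {

		/**
		 * The credentials sent by the client.
		 * Keys are 'name' and 'pass'; the array is empty until they are parsed.
		 *
		 * @var array
		 */
		protected $user = array();

		/**
		 * Name of the protected zone
		 *
		 * @var string
		 */
		protected $realm = '';

		/**
		 * Stores the realm and immediately parses the request.
		 *
		 * When the request carries no usable credentials, auth_required() is
		 * called, which sends the challenge and ends the script.
		 *
		 * @param string $realm Name of the protected zone shown in the challenge.
		 */
		public function __construct( $realm = 'private area' ) {

			$this->realm = $realm;
			$this->parse_user_input();
		}

		/**
		 * Fills $this->user from the request, or challenges the client.
		 *
		 * Sources are tried in this order: PHP_AUTH_USER/PHP_AUTH_PW, then the
		 * raw Authorization header from HTTP_AUTHORIZATION,
		 * REDIRECT_HTTP_AUTHORIZATION and finally $_ENV['HTTP_AUTHORIZATION'].
		 *
		 * @return void
		 */
		protected function parse_user_input() {

			// Credentials already split by PHP itself.
			if ( isset( $_SERVER[ 'PHP_AUTH_USER' ], $_SERVER[ 'PHP_AUTH_PW' ] ) ) {
				$this->user[ 'name' ] = $_SERVER[ 'PHP_AUTH_USER' ];
				$this->user[ 'pass' ] = $_SERVER[ 'PHP_AUTH_PW' ];
				return;
			}

			/**
			 * Workaround for PHP-CGI systems.
			 * Requires mod_rewrite and the rule
			 * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
			 * or, if mod_setenvif is available,
			 * SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
			 */
			if ( isset( $_SERVER[ 'HTTP_AUTHORIZATION' ] ) ) {
				$auth_header = $_SERVER[ 'HTTP_AUTHORIZATION' ];
			} elseif ( isset( $_SERVER[ 'REDIRECT_HTTP_AUTHORIZATION' ] ) ) {
				// apache may rename our variable
				$auth_header = $_SERVER[ 'REDIRECT_HTTP_AUTHORIZATION' ];
			} elseif ( isset( $_ENV[ 'HTTP_AUTHORIZATION' ] ) ) {
				$auth_header = $_ENV[ 'HTTP_AUTHORIZATION' ];
			} else {
				$this->auth_required();
				return;
			}

			$credentials = $this->parse_basic_header( $auth_header );
			if ( null === $credentials ) {
				// Header present but not usable Basic credentials: fail closed
				// with a challenge instead of leaving $this->user empty.
				$this->auth_required();
				return;
			}
			$this->user = $credentials;
		}

		/**
		 * Extracts user name and password from a raw Authorization header value.
		 *
		 * @param string $auth_header Value of the Authorization header.
		 *
		 * @return array|null Array with the keys 'name' and 'pass', or null when
		 *                    the value is not a decodable Basic credential.
		 */
		protected function parse_basic_header( $auth_header ) {

			$match = array();
			if ( ! preg_match( '~Basic\s+(.*)$~i', (string) $auth_header, $match ) ) {
				return null;
			}

			// Strict mode rejects characters outside the base64 alphabet
			// instead of silently skipping them.
			$decoded = base64_decode( trim( $match[ 1 ] ), true );
			if ( false === $decoded ) {
				return null;
			}

			// Split on the first colon only: the password may itself contain
			// colons, the user name may not.
			$parts = explode( ':', $decoded, 2 );

			// NOTE(review): the values are trimmed here but not in the
			// PHP_AUTH_USER/PHP_AUTH_PW branch, so a password with leading or
			// trailing whitespace differs between the two paths - confirm
			// which behaviour the callers expect.
			// isset() rather than empty(): '0' is a legitimate name or password.
			return array(
				'name' => trim( $parts[ 0 ] ),
				'pass' => isset( $parts[ 1 ] ) ? trim( $parts[ 1 ] ) : '',
			);
		}

		/**
		 * Returns the credentials the client sent, unverified.
		 *
		 * @return array Keys 'name' and 'pass', or an empty array.
		 */
		public function get_user() {

			return $this->user;
		}

		/**
		 * Sends the Basic challenge with status 401, prints a short message
		 * and ends the script.
		 *
		 * @return void
		 */
		public function auth_required() {

			// SERVER_PROTOCOL can be missing (e.g. outside a web request).
			$protocol = isset( $_SERVER[ 'SERVER_PROTOCOL' ] )
				? $_SERVER[ 'SERVER_PROTOCOL' ]
				: '';
			if ( 'HTTP/1.1' !== $protocol && 'HTTP/1.0' !== $protocol ) {
				$protocol = 'HTTP/1.0';
			}

			// The realm is emitted inside a quoted-string: drop control
			// characters and escape backslash and double quote so the value
			// cannot break out of the quotes or the header line.
			$realm = preg_replace( '~[\x00-\x1F\x7F]~', '', (string) $this->realm );
			$realm = str_replace(
				array( '\\', '"' ),
				array( '\\\\', '\\"' ),
				$realm
			);

			header( 'WWW-Authenticate: Basic realm="' . $realm . '"' );
			header( $protocol . ' 401 Unauthorized' );
			echo '<h1>Authentication failed</h1>';
			exit;
		}
	} // end class
} // end if class exists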