LICENSE 0000666 00000002066 13540163500 0005556 0 ustar 00 The MIT License (MIT)
Copyright (c) 2013 Oliver Vogel
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. README.md 0000666 00000005556 13540163500 0006037 0 ustar 00 # Intervention Httpauth Class
Library to manage HTTP authentication with PHP. Includes ServiceProviders for easy Laravel integration.
## Installation
The easiest way to install this package is via [Composer](https://getcomposer.org/).
Run Composer to install the package.
$ composer require intervention/httpauth
The Httpauth class is built to work with the Laravel Framework. The integration is done in seconds.
Open your Laravel config file `config/app.php` and add the following lines.
In the `$providers` array add the service providers for this package.
'providers' => array(
...
Intervention\Httpauth\HttpauthServiceProvider::class
),
Add the facade of this package to the `$aliases` array.
'aliases' => array(
...
'Httpauth' => Intervention\Httpauth\Facades\Httpauth::class
),
## Usage
* Httpauth::__construct - Create new instance of Httpauth class
* Httpauth::make - Creates new instance of Httpaccess with given config parameters
* Httpauth::secure - Denies access for not-authenticated users
### Configuration
By default the authentication settings are fetched from `config/httpauth.php`. Please make sure to set your own options.
If you are using Laravel 4, you can extract a configuration file to your app by running the following command:
$ php artisan config:publish intervention/httpauth
After you published the configuration file for the package you can edit the local configuration file `app/config/packages/intervention/httpauth/httpauth.php`.
Here's a short explanation of the configuration directives.
**type** _string_
Set the authentication type. Choose between `basic` and `digest` for a more secure type.
**realm** _string_
The name of the secure resource.
**username** _string_
The name the user has to enter to login
**password** _string_
Login password
### Code example
```php
// create a new instance of Httpauth and call secure method
$auth = new Intervention\Httpauth\Httpauth;
$auth->secure();
// You can change the user authentication settings in the config files
// or change it at runtime like this
$config = array('username' => 'admin', 'password' => '1234');
$auth = new Intervention\Httpauth\Httpauth($config);
$auth->secure();
```
### Code example (Laravel)
```php
// the most simple way to secure a url is to call the secure method from a route
Httpauth::secure();
// You can change the user authentication settings in the config files
// or change it at runtime like this
$config = array('username' => 'admin', 'password' => '1234');
Httpauth::make($config)->secure();
```
## Apache
If you are using Apache and running php with fast-cgi, check setting headers:
https://support.deskpro.com/en/kb/articles/missing-authorization-headers-with-apache
## License
Intervention Httpauth Class is licensed under the [MIT License](http://opensource.org/licenses/MIT).
phpunit.xml 0000666 00000001072 13540163500 0006756 0 ustar 00
./tests/
src/config/config.php 0000666 00000002646 13540163500 0010567 0 ustar 00 'basic',
/*
|--------------------------------------------------------------------------
| Authentication realm
|--------------------------------------------------------------------------
|
| Clients must authenticate itself to each realm.
|
*/
'realm' => 'Secured',
/*
|--------------------------------------------------------------------------
| Authentication username
|--------------------------------------------------------------------------
|
| Username to access the secured realm in combination with a password.
|
*/
'username' => 'admin',
/*
|--------------------------------------------------------------------------
| Password
|--------------------------------------------------------------------------
|
| Password to access the secured realm in combination with the username.
|
*/
'password' => '1234'
);
src/config/.gitkeep 0000666 00000000000 13540163500 0010220 0 ustar 00 src/Intervention/Httpauth/DigestUser.php 0000666 00000006023 13540163500 0014411 0 ustar 00 parse();
}
/**
* Checks for valid username & password
*
* @param string $name
* @param string $password
* @return boolean
*/
public function isValid($name, $password, $realm)
{
$request_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'GET';
$u1 = md5(sprintf('%s:%s:%s', $this->username, $realm, $password));
$u2 = md5(sprintf('%s:%s', $request_method, $this->uri));
$response = md5(sprintf('%s:%s:%s:%s:%s:%s', $u1, $this->nonce, $this->nc, $this->cnonce, $this->qop, $u2));
return ($response == $this->response) && ($name == $this->username);
}
/**
* Parses the User Information from server variables
* @return void
*/
public function parse()
{
$digest = $this->getDigest();
$user = array();
$required = array(
'nonce' => 1,
'nc' => 1,
'cnonce' => 1,
'qop' => 1,
'username' => 1,
'uri' => 1,
'response' => 1
);
preg_match_all('@(\w+)=(?:(?:")([^"]+)"|([^\s,$]+))@', $digest, $matches, PREG_SET_ORDER);
if (is_array($matches)) {
foreach ($matches as $m) {
$key = $m[1];
$user[$key] = $m[2] ? $m[2] : $m[3];
unset($required[$key]);
}
if (count($required) == 0) {
$this->nonce = $user['nonce'];
$this->nc = $user['nc'];
$this->cnonce = $user['cnonce'];
$this->qop = $user['qop'];
$this->username = $user['username'];
$this->uri = $user['uri'];
$this->response = $user['response'];
}
}
}
/**
* Fetch digest data from environment information
*
* @return string
*/
public function getDigest()
{
$digest = null;
if (isset($_SERVER['PHP_AUTH_DIGEST'])) {
$digest = $_SERVER['PHP_AUTH_DIGEST'];
} elseif (isset($_SERVER['HTTP_AUTHORIZATION'])) {
if (strpos(strtolower($_SERVER['HTTP_AUTHORIZATION']), 'digest') === 0) {
$digest = substr($_SERVER['HTTP_AUTHORIZATION'], 7);
}
}
return $digest;
}
}
src/Intervention/Httpauth/HttpauthServiceProvider.php 0000666 00000003121 13540163500 0017164 0 ustar 00 provider = $this->getProvider();
}
/**
* Return ServiceProvider according to Laravel version
*
* @return \Intervention\Httpauth\Provider\ProviderInterface
*/
private function getProvider()
{
$app = $this->app;
$version = intval($app::VERSION);
$provider = sprintf(
'\Intervention\Httpauth\HttpauthServiceProviderLaravel%d',
$version
);
return new $provider($app);
}
/**
* Bootstrap the application events.
*
* @return void
*/
public function boot()
{
return $this->provider->boot();
}
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
return $this->provider->register();
}
/**
* Get the services provided by the provider.
*
* @return array
*/
public function provides()
{
return array('httpauth');
}
}
src/Intervention/Httpauth/Httpauth.php 0000666 00000010522 13540163500 0014133 0 ustar 00 type = $parameters['type'];
}
if (array_key_exists('realm', $parameters)) {
$this->realm = $parameters['realm'];
}
if (array_key_exists('username', $parameters)) {
$this->username = $parameters['username'];
}
if (array_key_exists('password', $parameters)) {
$this->password = $parameters['password'];
}
}
// check if at leat username and password is set
if (! $this->username || ! $this->password) {
throw new Exception('No username or password set for HttpAuthentication.');
}
}
/**
* Creates new instance of Httpaccess with given parameters
*
* @param array $parameters set realm, username and/or password
* @return Intervention\Httpauth\Httpauth
*/
public static function make($parameters = null)
{
return new Httpauth($parameters);
}
/**
* Denies access for not-authenticated users
*
* @return void
*/
public function secure()
{
if (! $this->validateUser($this->getUser())) {
$this->denyAccess();
}
}
/**
* Checks for valid user
*
* @param User $user
* @return bool
*/
private function validateUser(UserInterface $user)
{
return $user->isValid($this->username, $this->password, $this->realm);
}
/**
* Checks if username/password combination matches
*
* @param string $username
* @param string $password
* @return boolean
*/
public function isValid($username, $password)
{
return ($username == $this->username) && ($password == $this->password);
}
/**
* Sends HTTP 401 Header
*
* @return void
*/
private function denyAccess()
{
header($_SERVER['SERVER_PROTOCOL'] . ' Unauthorized');
header('WWW-Authenticate: ' . $this->getDirective());
die(''.$_SERVER['SERVER_PROTOCOL'].' 401 Unauthorized');
}
/**
* Return Directive according the auth type
*
* @return string
*/
private function getDirective()
{
switch (strtolower($this->type)) {
case 'digest':
return 'Digest ' . $this->buildDirectiveParameters(array(
'realm' => $this->realm,
'qop' => 'auth',
'nonce' => uniqid(),
'opaque' => md5($this->realm),
));
default:
return 'Basic ' . $this->buildDirectiveParameters(array(
'realm' => $this->realm
));
}
}
/**
* Format given parameters
*
* @param array $parameters
* @return string
*/
private function buildDirectiveParameters($parameters = array())
{
$result = array();
foreach ($parameters as $key => $value) {
$result[] = $key.'="'.$value.'"';
}
return implode(',', $result);
}
/**
* Get User according to current auth type
*
* @return Intervention\Httpauth\UserInterface
*/
private function getUser()
{
// set user based on authentication type
switch (strtolower($this->type)) {
case 'digest':
return new DigestUser;
break;
default:
return new BasicUser;
break;
}
}
}
src/Intervention/Httpauth/BasicUser.php 0000666 00000003422 13540163500 0014213 0 ustar 00 parse();
}
/**
* Checks for valid username & password
*
* @param string $name
* @param string $password
* @return boolean
*/
public function isValid($name, $password, $realm = null)
{
return ($name == $this->name) && ($password == $this->password);
}
/**
* Parses the User Information from server variables
* @return void
*/
public function parse()
{
if (array_key_exists('PHP_AUTH_USER', $_SERVER)) { // mod_php
$this->name = $_SERVER['PHP_AUTH_USER'];
$this->password = array_key_exists('PHP_AUTH_PW', $_SERVER) ? $_SERVER['PHP_AUTH_PW'] : null;
} elseif (array_key_exists('HTTP_AUTHENTICATION', $_SERVER)) { // most other servers
if (strpos(strtolower($_SERVER['HTTP_AUTHENTICATION']), 'basic') === 0) {
$userdata = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHENTICATION'], 6)));
list($this->name, $this->password) = $userdata;
}
} elseif (array_key_exists('REDIRECT_HTTP_AUTHORIZATION', $_SERVER)) { // most other servers
if (strpos(strtolower($_SERVER['REDIRECT_HTTP_AUTHORIZATION']), 'basic') === 0) {
$userdata = explode(':', base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)));
list($this->name, $this->password) = $userdata;
}
}
}
}
src/Intervention/Httpauth/HttpauthServiceProviderLaravel5.php 0000666 00000001443 13540163500 0020565 0 ustar 00 publishes(array(
__DIR__.'/../../config/config.php' => config_path('httpauth.php')
));
}
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
// merge default config
$this->mergeConfigFrom(
__DIR__.'/../../config/config.php',
'httpauth'
);
$this->app->singleton('httpauth', function ($app) {
return new Httpauth($app['config']->get('httpauth'));
});
}
}
src/Intervention/Httpauth/HttpauthServiceProviderLaravel6.php 0000666 00000000200 13540163500 0020554 0 ustar 00 package('intervention/httpauth');
}
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
$this->app['httpauth'] = $this->app->share(function ($app) {
return new Httpauth($app['config']->get('httpauth::config'));
});
}
}
src/Intervention/Httpauth/Facades/Httpauth.php 0000666 00000000324 13540163500 0015460 0 ustar 00 =5.3.0"
},
"require-dev": {
"phpunit/phpunit": "~4.0"
},
"autoload": {
"psr-4": {
"Intervention\\Httpauth\\": "src/Intervention/Httpauth"
}
},
"extra": {
"laravel": {
"providers": [
"Intervention\\Httpauth\\HttpauthServiceProvider"
],
"aliases": {
"Httpauth": "Intervention\\Httpauth\\Facades\\Httpauth"
}
}
},
"minimum-stability": "stable"
} .travis.yml 0000666 00000000312 13540163500 0006652 0 ustar 00 language: php
php:
- 5.3
- 5.4
- 5.5
- 5.6
- 7.0
- 7.1
before_script:
- curl -s http://getcomposer.org/installer | php
- php composer.phar install --dev
script: phpunit tests/BasicUserTest.php 0000666 00000001511 13540163500 0011136 0 ustar 00 assertTrue($user->isValid('test_user', 'test_password'));
}
public function testUserAuth()
{
$userdata = array('test_user', 'test_password');
$userdata = implode(':', $userdata);
$userdata = base64_encode($userdata);
$userdata = 'basic_'.$userdata;
unset($_SERVER['PHP_AUTH_USER']);
unset($_SERVER['PHP_AUTH_PW']);
$_SERVER['HTTP_AUTHENTICATION'] = $userdata;
$user = new BasicUser;
$this->assertTrue($user->isValid('test_user', 'test_password'));
}
}
tests/.gitkeep 0000666 00000000000 13540163500 0007326 0 ustar 00 tests/HttpauthTest.php 0000666 00000002420 13540163500 0011057 0 ustar 00 'test_realm',
'username' => 'test_user',
'password' => 'test_password'
);
$httpauth = new Httpauth($config);
return $httpauth;
}
public function testConstruction()
{
$httpauth = $this->createTestHttpauth();
$this->assertInstanceOf('\Intervention\Httpauth\Httpauth', $httpauth);
$this->assertEquals('test_realm', $httpauth->realm);
$this->assertTrue($httpauth->isValid('test_user', 'test_password'));
}
public function testStaticCall()
{
$config = array(
'realm' => '1',
'username' => '2',
'password' => '3'
);
$httpauth = Httpauth::make($config);
$this->assertInstanceOf('\Intervention\Httpauth\Httpauth', $httpauth);
$this->assertEquals('1', $httpauth->realm);
$this->assertTrue($httpauth->isValid($config['username'], $config['password']));
}
/**
* @expectedException Exception
*/
public function testConstructorWithoutUserPassword()
{
$httpauth = new Httpauth;
}
}
tests/DigestUserTest.php 0000666 00000000420 13540163500 0011332 0 ustar 00 assertInstanceOf('\Intervention\Httpauth\DigestUser', $user);
}
}
.gitignore 0000666 00000000037 13540163500 0006535 0 ustar 00 .DS_Store
composer.lock
vendor/