Auth/Adapter/Http.php
- category
- Zend
- copyright
- Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
- license
- http://framework.zend.com/license/new-bsd New BSD License
- package
- Zend_Auth
- subpackage
- Zend_Auth_Adapter_Http
- version
- $Id: Http.php 20096 2010-01-06 02:05:09Z bkarwin $
- Classes
- Zend_Auth_Adapter_Http
Description
Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to license@zend.com so we can send you a copy immediately.
Zend_Auth_Adapter_Http
- Implements
- Zend_Auth_Adapter_Interface
- category
- Zend
- copyright
- Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
- license
- http://framework.zend.com/license/new-bsd New BSD License
- package
- Zend_Auth
- subpackage
- Zend_Auth_Adapter_Http
- todo
- Support auth-int
- todo
- Track nonces, nonce-count, opaque for replay protection and stale support
- todo
- Support Authentication-Info header
- Properties
- $_request
- $_response
- $_basicResolver
- $_digestResolver
- $_supportedSchemes
- $_acceptSchemes
- $_domains
- $_realm
- $_nonceTimeout
- $_useOpaque
- $_supportedAlgos
- $_algo
- $_supportedQops
- $_imaProxy
- $_ieNoOpaque
- Methods
- __construct
- setBasicResolver
- getBasicResolver
- setDigestResolver
- getDigestResolver
- setRequest
- getRequest
- setResponse
- getResponse
- authenticate
- _challengeClient
- _basicHeader
- _digestHeader
- _basicAuth
- _digestAuth
- _calcNonce
- _calcOpaque
- _parseDigestAuth
Description
HTTP Authentication Adapter
Implements a pretty good chunk of RFC 2617.
Properties
$_acceptSchemes
array $_acceptSchemes = ''List of schemes this class will accept from the client
Details
- $_acceptSchemes
- array
- visibility
- protected
- default
- final
- false
- static
- false
$_algo
string $_algo = ''The actual algorithm to use. Defaults to MD5
Details
- $_algo
- string
- visibility
- protected
- default
- final
- false
- static
- false
$_basicResolver
Zend_Auth_Adapter_Http_Resolver_Interface $_basicResolver = ''Object that looks up user credentials for the Basic scheme
Details
- $_basicResolver
-
Zend_Auth_Adapter_Http_Resolver_Interface
- visibility
- protected
- default
- final
- false
- static
- false
$_digestResolver
Zend_Auth_Adapter_Http_Resolver_Interface $_digestResolver = ''Object that looks up user credentials for the Digest scheme
Details
- $_digestResolver
-
Zend_Auth_Adapter_Http_Resolver_Interface
- visibility
- protected
- default
- final
- false
- static
- false
$_domains
string $_domains = ''Space-delimited list of protected domains for Digest Auth
Details
- $_domains
- string
- visibility
- protected
- default
- final
- false
- static
- false
$_ieNoOpaque
boolean $_ieNoOpaque = ''Flag indicating the client is IE and didn't bother to return the opaque string
Details
- $_ieNoOpaque
- boolean
- visibility
- protected
- default
- final
- false
- static
- false
$_imaProxy
boolean $_imaProxy = ''Whether or not to do Proxy Authentication instead of origin server authentication (send 407's instead of 401's). Off by default.
Details
- $_imaProxy
- boolean
- visibility
- protected
- default
- final
- false
- static
- false
$_nonceTimeout
integer $_nonceTimeout = ''Nonce timeout period
Details
- $_nonceTimeout
- integer
- visibility
- protected
- default
- final
- false
- static
- false
$_realm
string $_realm = ''The protection realm to use
Details
- $_realm
- string
- visibility
- protected
- default
- final
- false
- static
- false
$_request
Zend_Controller_Request_Http $_request = ''Reference to the HTTP Request object
Details
- $_request
-
Zend_Controller_Request_Http
- visibility
- protected
- default
- final
- false
- static
- false
$_response
Zend_Controller_Response_Http $_response = ''Reference to the HTTP Response object
Details
- $_response
-
Zend_Controller_Response_Http
- visibility
- protected
- default
- final
- false
- static
- false
$_supportedAlgos
array $_supportedAlgos = 'array'List of the supported digest algorithms. I want to support both MD5 and MD5-sess, but MD5-sess won't make it into the first version.
Details
- $_supportedAlgos
- array
- visibility
- protected
- default
- array
- final
- false
- static
- false
$_supportedQops
array $_supportedQops = 'array'List of supported qop options. My intetion is to support both 'auth' and 'auth-int', but 'auth-int' won't make it into the first version.
Details
- $_supportedQops
- array
- visibility
- protected
- default
- array
- final
- false
- static
- false
$_supportedSchemes
array $_supportedSchemes = 'array'List of authentication schemes supported by this class
Details
- $_supportedSchemes
- array
- visibility
- protected
- default
- array
- final
- false
- static
- false
$_useOpaque
boolean $_useOpaque = ''Whether to send the opaque value in the header. True by default
Details
- $_useOpaque
- boolean
- visibility
- protected
- default
- final
- false
- static
- false
Methods
__construct
__construct(
array $config
)
:
voidConstructor
Arguments
- $config
- array
Configuration settings: 'accept_schemes' => 'basic'|'digest'|'basic digest' 'realm' => <string> 'digest_domains' => <string> Space-delimited list of URIs 'nonce_timeout' => <int> 'use_opaque' => <bool> Whether to send the opaque value in the header 'alogrithm' => <string> See $_supportedAlgos. Default: MD5 'proxy_auth' => <bool> Whether to do authentication as a Proxy
Details
- visibility
- public
- final
- false
- static
- false
- throws
_basicAuth
_basicAuth(
string $header
)
:
Zend_Auth_ResultBasic Authentication
Arguments
- $header
- string
Client's Authorization header
Output
Details
- visibility
- protected
- final
- false
- static
- false
- throws
_basicHeader
_basicHeader(
)
:
stringBasic Header
Generates a Proxy- or WWW-Authenticate header value in the Basic authentication scheme.
Output
- string
- Authenticate header value
Details
- visibility
- protected
- final
- false
- static
- false
_calcNonce
_calcNonce(
)
:
stringCalculate Nonce
Output
- string
- The nonce value
Details
- visibility
- protected
- final
- false
- static
- false
_calcOpaque
_calcOpaque(
)
:
stringCalculate Opaque
The opaque string can be anything; the client must return it exactly as it was sent. It may be useful to store data in this string in some applications. Ideally, a new value for this would be generated each time a WWW-Authenticate header is sent (in order to reduce predictability), but we would have to be able to create the same exact value across at least two separate requests from the same client.
Output
- string
- The opaque value
Details
- visibility
- protected
- final
- false
- static
- false
_challengeClient
_challengeClient(
)
:
Zend_Auth_ResultChallenge Client
Sets a 401 or 407 Unauthorized response code, and creates the appropriate Authenticate header(s) to prompt for credentials.
Output
- Zend_Auth_Result
- Always returns a non-identity Auth result
Details
- visibility
- protected
- final
- false
- static
- false
_digestAuth
_digestAuth(
string $header
)
:
Zend_Auth_ResultDigest Authentication
Arguments
- $header
- string
Client's Authorization header
Output
- Zend_Auth_Result
- Valid auth result only on successful auth
Details
- visibility
- protected
- final
- false
- static
- false
- throws
_digestHeader
_digestHeader(
)
:
stringDigest Header
Generates a Proxy- or WWW-Authenticate header value in the Digest authentication scheme.
Output
- string
- Authenticate header value
Details
- visibility
- protected
- final
- false
- static
- false
_parseDigestAuth
_parseDigestAuth(
string $header
)
:
array|falseParse Digest Authorization header
Arguments
- $header
- string
Client's Authorization: HTTP header
Output
- array|false
- Data elements from header, or false if any part of the header is invalid
Details
- visibility
- protected
- final
- false
- static
- false
authenticate
authenticate(
)
:
Zend_Auth_ResultAuthenticate
Output
Details
- visibility
- public
- final
- false
- static
- false
- throws
getBasicResolver
getBasicResolver(
)
:
Zend_Auth_Adapter_Http_Resolver_InterfaceGetter for the _basicResolver property
Details
- visibility
- public
- final
- false
- static
- false
getDigestResolver
getDigestResolver(
)
:
Zend_Auth_Adapter_Http_Resolver_InterfaceGetter for the _digestResolver property
Details
- visibility
- public
- final
- false
- static
- false
getRequest
getRequest(
)
:
Zend_Controller_Request_HttpGetter for the Request object
Output
Details
- visibility
- public
- final
- false
- static
- false
getResponse
getResponse(
)
:
Zend_Controller_Response_HttpGetter for the Response object
Details
- visibility
- public
- final
- false
- static
- false
setBasicResolver
setBasicResolver(
Zend_Auth_Adapter_Http_Resolver_Interface $resolver
)
:
Zend_Auth_Adapter_HttpSetter for the _basicResolver property
Arguments
- $resolver
- Zend_Auth_Adapter_Http_Resolver_Interface
Output
- Zend_Auth_Adapter_Http
- Provides a fluent interface
Details
- visibility
- public
- final
- false
- static
- false
setDigestResolver
setDigestResolver(
Zend_Auth_Adapter_Http_Resolver_Interface $resolver
)
:
Zend_Auth_Adapter_HttpSetter for the _digestResolver property
Arguments
- $resolver
- Zend_Auth_Adapter_Http_Resolver_Interface
Output
- Zend_Auth_Adapter_Http
- Provides a fluent interface
Details
- visibility
- public
- final
- false
- static
- false
setRequest
setRequest(
Zend_Controller_Request_Http $request
)
:
Zend_Auth_Adapter_HttpSetter for the Request object
Arguments
- $request
- Zend_Controller_Request_Http
Output
- Zend_Auth_Adapter_Http
- Provides a fluent interface
Details
- visibility
- public
- final
- false
- static
- false
setResponse
setResponse(
Zend_Controller_Response_Http $response
)
:
Zend_Auth_Adapter_HttpSetter for the Response object
Arguments
- $response
- Zend_Controller_Response_Http
Output
- Zend_Auth_Adapter_Http
- Provides a fluent interface
Details
- visibility
- public
- final
- false
- static
- false