diff options
| author | Jan-Hendrik Willms <tleilax+github@gmail.com> | 2021-07-22 16:07:19 +0200 |
|---|---|---|
| committer | Jan-Hendrik Willms <tleilax+github@gmail.com> | 2021-07-22 16:19:12 +0200 |
| commit | a3da1483a9e689846179159355badfec8073dbec (patch) | |
| tree | 770dcca6bdf5f6f2a11b0e7fcbbeda6919a3fc52 /lib/classes/restapi/consumer/HTTP.php | |
current code from svn, revision 62608
Diffstat (limited to 'lib/classes/restapi/consumer/HTTP.php')
| -rw-r--r-- | lib/classes/restapi/consumer/HTTP.php | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/lib/classes/restapi/consumer/HTTP.php b/lib/classes/restapi/consumer/HTTP.php new file mode 100644 index 0000000..b4a2239 --- /dev/null +++ b/lib/classes/restapi/consumer/HTTP.php @@ -0,0 +1,50 @@ +<?php +namespace RESTAPI\Consumer; +use StudipAuthAbstract, RESTAPI\RouterException; + +/** + * Basic HTTP Authentication consumer for the rest api + * + * @author Jan-Hendrik Willms <tleilax+studip@gmail.com> + * @license GPL 2 or later + * @since Stud.IP 3.0 + * @deprecated Since Stud.IP 5.0. Will be removed in Stud.IP 5.2. + */ +class HTTP extends Base +{ + /** + * Detects if a user is authenticated via basic http authentication. + * The only supported authentication for now is via the url: + * + * http://username:password@host/path?query + * + * @param mixed $request_type Type of request (optional; defaults to any) + * @return mixed Instance of self if authentication was detected, false + * otherwise + * @throws RouterException if authentication fails + * @todo Integrate and test HTTP_AUTHORIZATION header authentication + */ + public static function detect($request_type = null) + { + if ( + isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) + || isset($_SERVER['HTTP_AUTHORIZATION']) + ) { + $user_id = false; + + if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { + $username = $_SERVER['PHP_AUTH_USER']; + $password = $_SERVER['PHP_AUTH_PW']; + } elseif (isset($_SERVER['HTTP_AUTHORIZATION'])) { + list($username, $password) = explode(':', base64_decode(mb_substr($_SERVER['HTTP_AUTHORIZATION'], 6))); + } + + $check = StudipAuthAbstract::CheckAuthentication($username, $password); + if ($check['uid'] && $check['uid'] !== 'nobody') { + return new self(null, $check['uid']); + } + + } + return false; + } +} |