<?php
/**
* Copyright 2015 Xenofon Spafaridis
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Phramework\Authentication\BasicAuthentication;
use \Phramework\Phramework;
use \Phramework\Authentication\Manager;
/**
* BasicAuthentication authentication implementation for phramework
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache-2.0
* @author Xenofon Spafaridis <[email protected]>
* @uses password_verify to verify user's password
*
*/
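class BasicAuthentication implements \Phramework\Authentication\IAuthentication
{
    /**
     * Test if current request holds authorization data
     * @param  array  $params  Request parameters
     * @param  string $method  Request method
     * @param  array  $headers Request headers
     * @return boolean True when an `Authorization: Basic <token>` header is present
     */
    public function testProvidedMethod($params, $method, $headers)
    {
        return $this->extractBasicToken($headers) !== null;
    }

    /**
     * Validate the credentials carried in the request's Basic Authorization
     * header and return the authenticated user.
     *
     * Basic credentials are only base64 encoded, not encrypted, so this
     * method is meant to be used over an encrypted transport (TLS).
     *
     * @param  array  $params  Request parameters
     * @param  string $method  Request method
     * @param  array  $headers Request headers
     * @return object|FALSE Returns false on error or the user object on success
     */
    public function check($params, $method, $headers)
    {
        $token = $this->extractBasicToken($headers);

        if ($token === null) {
            return false;
        }

        // Strict mode rejects characters outside the base64 alphabet instead
        // of silently discarding them
        $tokenDecoded = base64_decode($token, true);

        if ($tokenDecoded === false) {
            return false;
        }

        // Split on the first colon only: the password part may itself
        // contain ':' (RFC 7617), the user-id part may not
        $tokenParts = explode(':', $tokenDecoded, 2);

        if (count($tokenParts) !== 2) {
            return false;
        }

        $email    = \Phramework\Validate\EmailValidator::parseStatic($tokenParts[0]);
        $password = $tokenParts[1];

        $result = $this->authenticate(
            [
                'email'    => $email,
                'password' => $password,
            ],
            $method,
            $headers
        );

        // authenticate() returns false on failure and a one element array on
        // success. Destructuring false with list() would yield null, which
        // is !== false, so a failed login must be rejected explicitly here
        // before the onCheck callback can run.
        if (!is_array($result) || !isset($result[0])) {
            return false;
        }

        $user = $result[0];

        if (($callback = Manager::getOnCheckCallback()) !== null) {
            call_user_func(
                $callback,
                $user
            );
        }

        return $user;
    }

    /**
     * Authenticate a user by e-mail and password
     * @param  array  $params  Request parameters, reads keys `email` and `password`
     * @param  string $method  Request method
     * @param  array  $headers Request headers
     * @return false|array Returns false on failure, or an array holding the
     *     user data object as its only element on success
     * @throws \Phramework\Exceptions\ServerException When an attribute listed
     *     by Manager::getAttributes() is not set in the user record
     */
    public function authenticate($params, $method, $headers)
    {
        $email = \Phramework\Validate\EmailValidator::parseStatic($params['email']);

        // A missing or non string password can never match a stored hash
        $password = isset($params['password']) ? $params['password'] : null;

        if (!is_string($password)) {
            return false;
        }

        $user = call_user_func(Manager::getUserGetByEmailMethod(), $email);

        // NOTE(review): when no user matches, password_verify() is skipped,
        // so the response time differs between known and unknown e-mails;
        // consider verifying against a fixed dummy hash to even this out.
        if (!$user) {
            return false;
        }

        if (!password_verify($password, $user['password'])) {
            return false;
        }

        /*
         * Build the user data returned to the caller, the stored password
         * hash is copied only if it is listed in Manager::getAttributes()
         */
        $data = [
            'id' => $user['id']
        ];

        // Copy the configured user attributes to the returned data
        foreach (Manager::getAttributes() as $attribute) {
            if (!isset($user[$attribute])) {
                throw new \Phramework\Exceptions\ServerException(sprintf(
                    'Attribute "%s" is not set in user object',
                    $attribute
                ));
            }

            $data[$attribute] = $user[$attribute];
        }

        // Convert to object
        $data = (object)$data;

        // Call onAuthenticate callback if set
        if (($callback = Manager::getOnAuthenticateCallback()) !== null) {
            call_user_func(
                $callback,
                $data
            );
        }

        return [$data];
    }

    /**
     * Read the base64 token from a `Basic` Authorization header
     * @param  array $headers Request headers
     * @return string|null The token, or null when the header is missing,
     *     is not a string or does not carry a Basic token
     */
    private function extractBasicToken($headers)
    {
        if (!isset($headers['Authorization']) || !is_string($headers['Authorization'])) {
            return null;
        }

        $parsed = sscanf($headers['Authorization'], 'Basic %s');

        // sscanf() does not return an array when the input cannot be parsed
        if (!is_array($parsed) || !isset($parsed[0]) || $parsed[0] === '') {
            return null;
        }

        return (string)$parsed[0];
    }
}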