HTTP Authentication Adapter
Implements a pretty good chunk of RFC 2617.
category | Zend |
---|---|
package | Zend_Auth |
subpackage | Zend_Auth_Adapter_Http |
copyright | Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) |
license | New BSD License |
todo | Support auth-int |
todo | Track nonces, nonce-count, opaque for replay protection and stale support |
todo | Support Authentication-Info header |
__construct(array $config)
array
Configuration settings:
'accept_schemes' => 'basic'|'digest'|'basic digest'
'realm' =>
\Zend_Auth_Adapter_Exception |
---|
authenticate() : \Zend_Auth_Result
inherited_from | \Zend_Auth_Adapter_Interface::authenticate() |
---|
\Zend_Auth_Adapter_Exception |
---|
\Zend_Auth_Result
getBasicResolver() : \Zend_Auth_Adapter_Http_Resolver_Interface
\Zend_Auth_Adapter_Http_Resolver_Interface
getDigestResolver() : \Zend_Auth_Adapter_Http_Resolver_Interface
\Zend_Auth_Adapter_Http_Resolver_Interface
getRequest() : \Zend_Controller_Request_Http
\Zend_Controller_Request_Http
getResponse() : \Zend_Controller_Response_Http
\Zend_Controller_Response_Http
setBasicResolver(\Zend_Auth_Adapter_Http_Resolver_Interface $resolver) : \Zend_Auth_Adapter_Http
\Zend_Auth_Adapter_Http_Resolver_Interface
\Zend_Auth_Adapter_Http
Provides a fluent interfacesetDigestResolver(\Zend_Auth_Adapter_Http_Resolver_Interface $resolver) : \Zend_Auth_Adapter_Http
\Zend_Auth_Adapter_Http_Resolver_Interface
\Zend_Auth_Adapter_Http
Provides a fluent interfacesetRequest(\Zend_Controller_Request_Http $request) : \Zend_Auth_Adapter_Http
\Zend_Controller_Request_Http
\Zend_Auth_Adapter_Http
Provides a fluent interfacesetResponse(\Zend_Controller_Response_Http $response) : \Zend_Auth_Adapter_Http
\Zend_Controller_Response_Http
\Zend_Auth_Adapter_Http
Provides a fluent interface_basicAuth(string $header) : \Zend_Auth_Result
string
Client's Authorization header
\Zend_Auth_Adapter_Exception |
---|
\Zend_Auth_Result
_basicHeader() : string
Generates a Proxy- or WWW-Authenticate header value in the Basic authentication scheme.
string
Authenticate header value_calcNonce() : string
string
The nonce value_calcOpaque() : string
The opaque string can be anything; the client must return it exactly as it was sent. It may be useful to store data in this string in some applications. Ideally, a new value for this would be generated each time a WWW-Authenticate header is sent (in order to reduce predictability), but we would have to be able to create the same exact value across at least two separate requests from the same client.
string
The opaque value_challengeClient() : \Zend_Auth_Result
Sets a 401 or 407 Unauthorized response code, and creates the appropriate Authenticate header(s) to prompt for credentials.
\Zend_Auth_Result
Always returns a non-identity Auth result_digestAuth(string $header) : \Zend_Auth_Result
string
Client's Authorization header
\Zend_Auth_Adapter_Exception |
---|
\Zend_Auth_Result
Valid auth result only on successful auth_digestHeader() : string
Generates a Proxy- or WWW-Authenticate header value in the Digest authentication scheme.
string
Authenticate header value_parseDigestAuth(string $header) : array | false
string
Client's Authorization: HTTP header
array
false
Data elements from header, or false if any part of
the header is invalid_secureStringCompare(string $a, string $b) : boolean
string
string
boolean
$_acceptSchemes : array
$_algo : string
$_basicResolver : \Zend_Auth_Adapter_Http_Resolver_Interface
$_digestResolver : \Zend_Auth_Adapter_Http_Resolver_Interface
$_domains : string
$_ieNoOpaque : boolean
$_imaProxy : boolean
$_nonceTimeout : integer
$_realm : string
$_request : \Zend_Controller_Request_Http
$_response : \Zend_Controller_Response_Http
$_supportedAlgos : array
array('MD5')
$_supportedQops : array
array('auth')
$_supportedSchemes : array
array('basic', 'digest')
$_useOpaque : boolean