Inherited Methods
Class: Sabre_HTTP_AbstractAuth
- Sabre_HTTP_AbstractAuth::__construct()
- __construct
- Sabre_HTTP_AbstractAuth::getRealm()
- Returns the realm
- Sabre_HTTP_AbstractAuth::requireLogin()
- Returns an HTTP 401 header, forcing login
- Sabre_HTTP_AbstractAuth::setHTTPRequest()
- Sets an alternative HTTP request object
- Sabre_HTTP_AbstractAuth::setHTTPResponse()
- Sets an alternative HTTP response object
- Sabre_HTTP_AbstractAuth::setRealm()
- Sets the realm
Class Details
HTTP Digest Authentication handler
Use this class for easy http digest authentication. Instructions:
- Create the object
- Call the setRealm() method with the realm you plan to use
- Call the init method function.
- Call the getUserName() function. This function may return false if no authentication information was supplied. Based on the username you should check your internal database for either the associated password, or the so-called A1 hash of the digest.
- Call either validatePassword() or validateA1(). This will return true or false.
- To make sure an authentication prompt is displayed, call the requireLogin() method.
Tags:
- author - Evert Pot (http://www.rooftopsolutions.nl/)
- copyright - Copyright (C) 2010 Rooftop Solutions. All rights reserved.
- license - Modified BSD License
[ Top ]
Class Variables
$A1
[line 39]
Tags:
- access - protected
Type: mixed
Overrides:
[ Top ]
$digestParts
[line 38]
Tags:
- access - protected
Type: mixed
Overrides:
[ Top ]
$nonce
[line 36]
Tags:
- access - protected
Type: mixed
Overrides:
[ Top ]
$opaque
[line 37]
Tags:
- access - protected
Type: mixed
Overrides:
[ Top ]
$qop = self::QOP_AUTH
[line 40]
Tags:
- access - protected
Type: mixed
Overrides:
[ Top ]
Class Methods
__construct
Sabre_HTTP_DigestAuth __construct(
)
[line 45]
Initializes the object
Tags:
- access - public
Overrides Sabre_HTTP_AbstractAuth::__construct() (__construct)
Parameters:
[ Top ]
getDigest
mixed getDigest(
)
[line 198]
This method returns the full digest string.
It should be compatibile with mod_php format and other webservers.
If the header could not be found, null will be returned
Tags:
- access - public
Parameters:
[ Top ]
getUsername
string getUsername(
)
[line 127]
Returns the username for the request
Tags:
- access - public
Parameters:
[ Top ]
init
void init(
)
[line 60]
Gathers all information from the headers
This method needs to be called prior to anything else.
Tags:
- access - public
Parameters:
[ Top ]
parseDigest
mixed parseDigest(
string
$digest)
[line 224]
Parses the different pieces of the digest string into an array.
This method returns false if an incomplete digest was supplied
Tags:
- access - protected
Parameters:
- string $digest -
[ Top ]
requireLogin
void requireLogin(
)
[line 174]
Returns an HTTP 401 header, forcing login
This should be called when username and password are incorrect, or not supplied at all
Tags:
- access - public
Overrides Sabre_HTTP_AbstractAuth::requireLogin() (Returns an HTTP 401 header, forcing login)
Parameters:
[ Top ]
setQOP
void setQOP(
int
$qop)
[line 83]
Sets the quality of protection value.
Possible values are: Sabre_HTTP_DigestAuth::QOP_AUTH Sabre_HTTP_DigestAuth::QOP_AUTHINT
Multiple values can be specified using logical OR.
QOP_AUTHINT ensures integrity of the request body, but this is not supported by most HTTP clients. QOP_AUTHINT also requires the entire request body to be md5'ed, which can put strains on CPU and memory.
Tags:
- access - public
Parameters:
- int $qop -
[ Top ]
validate
bool validate(
)
[line 138]
Validates the digest challenge
Tags:
- access - protected
Parameters:
[ Top ]
validateA1
bool validateA1(
string
$A1)
[line 97]
Validates the user.
The A1 parameter should be md5($username . ':' . $realm . ':' . $password);
Tags:
- access - public
Parameters:
- string $A1 -
[ Top ]
validatePassword
bool validatePassword(
string
$password)
[line 115]
Validates authentication through a password. The actual password must be provided here.
It is strongly recommended not store the password in plain-text and use validateA1 instead.
Tags:
- access - public
Parameters:
- string $password -
[ Top ]
Class Constants
QOP_AUTH = 1
[line 33]
These constants are used in setQOP();
[ Top ]
QOP_AUTHINT = 2
[line 34]
[ Top ]