Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 17 |
|
0.00% |
0 / 3 |
CRAP | |
0.00% |
0 / 1 |
| HttpBasicAuth | |
0.00% |
0 / 17 |
|
0.00% |
0 / 3 |
72 | |
0.00% |
0 / 1 |
| __construct | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
6 | |||
| useAppConfig | |
0.00% |
0 / 7 |
|
0.00% |
0 / 1 |
20 | |||
| __invoke | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
6 | |||
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * HTTP Basic Authentication |
| 5 | * |
| 6 | * inspired by https://github.com/codeguy/Slim-Extras/blob/master/Middleware/HttpBasicAuth.php |
| 7 | * |
| 8 | * Usage: |
| 9 | * \App::httpBasicAuth['username'] = password_hash('password', PASSWORD_DEFAULT); |
| 10 | * // better pre-calculate hash in the config with `php -r "echo password_hash('password', PASSWORD_DEFAULT);"` |
| 11 | * \App::$slim->add(new \BO\Slim\Middleware\HttpBasicAuth(\BO\Slim\Middleware\HttpBasicAuth::useAppConfig()); |
| 12 | */ |
| 13 | |
| 14 | namespace BO\Slim\Middleware; |
| 15 | |
| 16 | use Psr\Http\Message\ServerRequestInterface; |
| 17 | use Psr\Http\Message\ResponseInterface; |
| 18 | use Psr\Http\Server\RequestHandlerInterface; |
| 19 | use BO\Slim\Factory\ResponseFactory; |
| 20 | |
| 21 | class HttpBasicAuth |
| 22 | { |
| 23 | /** |
| 24 | * @var string |
| 25 | */ |
| 26 | protected $realm; |
| 27 | |
| 28 | /** |
| 29 | * @var Callable |
| 30 | */ |
| 31 | protected $isAuthorized; |
| 32 | |
| 33 | public function __construct(callable $isAuthorized, $realm = null) |
| 34 | { |
| 35 | $this->isAuthorized = $isAuthorized; |
| 36 | $this->realm = $realm ?: "Password " . \App::IDENTIFIER; |
| 37 | } |
| 38 | |
| 39 | public static function useAppConfig(): callable |
| 40 | { |
| 41 | return function ($authUser, $authPass) { |
| 42 | if (!count(\App::$httpBasicAuth)) { |
| 43 | return true; |
| 44 | } |
| 45 | if (isset(\App::$httpBasicAuth[$authUser]) && password_verify($authPass, \App::$httpBasicAuth[$authUser])) { |
| 46 | return true; |
| 47 | } |
| 48 | return false; |
| 49 | }; |
| 50 | } |
| 51 | |
| 52 | public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $next): ResponseInterface |
| 53 | { |
| 54 | $serverParams = $request->getServerParams(); |
| 55 | $authUser = $serverParams['PHP_AUTH_USER'] ?? ''; |
| 56 | $authPass = $serverParams['PHP_AUTH_PW'] ?? ''; |
| 57 | |
| 58 | if ($this->isAuthorized->call($this, $authUser, $authPass)) { |
| 59 | $response = $next->handle($request); |
| 60 | } else { |
| 61 | $response = (new ResponseFactory())->createResponse(401, 'Unauthorized'); |
| 62 | $response = $response->withHeader('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realm)); |
| 63 | } |
| 64 | |
| 65 | return $response; |
| 66 | } |
| 67 | } |