< ? php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\EntryPoint ;
use Symfony\Component\Security\Core\Exception\AuthenticationException ;
use Symfony\Component\Security\Core\Exception\NonceExpiredException ;
use Symfony\Component\HttpFoundation\Response ;
use Symfony\Component\HttpFoundation\Request ;
use Psr\Log\LoggerInterface ;
/**
* DigestAuthenticationEntryPoint starts an HTTP Digest authentication.
*
* @author Fabien Potencier <fabien@symfony.com>
*
* @deprecated since 3.4, to be removed in 4.0
*/
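class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterface
{
    // Server-side value mixed into every nonce signature. Anyone who learns it
    // can produce nonces that carry a valid signature, so it must stay out of
    // logs, responses and error output.
    private $secret;
    // Realm string advertised to the client in the challenge.
    private $realmName;
    // Intended lifetime of an issued nonce, in seconds.
    private $nonceValiditySeconds;
    // Optional PSR-3 logger; null disables logging.
    private $logger;

    /**
     * Stores the challenge parameters and emits the class deprecation notice.
     *
     * @param string               $realmName            Realm placed verbatim inside a quoted header value;
     *                                                   it is not escaped, so it must not contain '"', CR or LF
     * @param string               $secret               Secret used to sign issued nonces
     * @param int                  $nonceValiditySeconds Nonce lifetime in seconds
     * @param LoggerInterface|null $logger               Optional logger for debug output
     */
    public function __construct($realmName, $secret, $nonceValiditySeconds = 300, LoggerInterface $logger = null)
    {
        @trigger_error(sprintf('The %s class and the whole HTTP digest authentication system is deprecated since 3.4 and will be removed in 4.0.', __CLASS__), E_USER_DEPRECATED);

        $this->realmName = $realmName;
        $this->secret = $secret;
        $this->nonceValiditySeconds = $nonceValiditySeconds;
        $this->logger = $logger;
    }

    /**
     * Builds the 401 response carrying a fresh Digest challenge.
     *
     * The nonce is base64("<expiry>:<md5(expiry:secret)>"). When the request
     * failed because of a NonceExpiredException, stale="true" is appended to
     * the challenge.
     *
     * {@inheritdoc}
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        // microtime(true) is already in seconds, so the configured lifetime is
        // added as-is. The previous "* 1000" mixed milliseconds into a seconds
        // timestamp and stretched the default 300 s window to 300000 s, which
        // widens the period in which a captured nonce stays usable.
        // TODO confirm the nonce validator (not in this file) compares the
        // expiry against a seconds-based clock.
        $expiryTime = microtime(true) + $this->nonceValiditySeconds;

        // NOTE(security): md5(message.':'.key) is a bare hash, not an HMAC.
        // It is kept unchanged because the validator outside this file has to
        // recompute the identical value; moving to hash_hmac() would have to
        // be done on both sides together.
        $signatureValue = md5($expiryTime.':'.$this->secret);
        $nonceValue = $expiryTime.':'.$signatureValue;
        $nonceValueBase64 = base64_encode($nonceValue);

        $authenticateHeader = sprintf('Digest realm="%s", qop="auth", nonce="%s"', $this->realmName, $nonceValueBase64);

        if ($authException instanceof NonceExpiredException) {
            $authenticateHeader .= ', stale="true"';
        }

        if (null !== $this->logger) {
            $this->logger->debug('WWW-Authenticate header sent.', array('header' => $authenticateHeader));
        }

        $response = new Response();
        $response->headers->set('WWW-Authenticate', $authenticateHeader);
        $response->setStatusCode(401);

        return $response;
    }

    /**
     * Returns the nonce-signing secret.
     *
     * The value is sensitive: callers should use it only to verify nonce
     * signatures and never log or render it.
     *
     * @return string
     */
    public function getSecret()
    {
        return $this->secret;
    }

    /**
     * Returns the realm name advertised in the challenge.
     *
     * @return string
     */
    public function getRealmName()
    {
        return $this->realmName;
    }
}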