symfony/src/Symfony/Component/Security/Http/EntryPoint/DigestAuthenticationEntryPoint.php

<?php

/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\Security\Http\EntryPoint;

use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\NonceExpiredException;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Request;
use Psr\Log\LoggerInterface;

/**
 * DigestAuthenticationEntryPoint starts an HTTP Digest authentication.
 *
 * @author Fabien Potencier <fabien@symfony.com>
 */
class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterface
{
    private $key;
    private $realmName;
    private $nonceValiditySeconds;
    private $logger;

    public function __construct($realmName, $key, $nonceValiditySeconds = 300, LoggerInterface $logger = null)
    {
        $this->realmName = $realmName;
        $this->key = $key;
        $this->nonceValiditySeconds = $nonceValiditySeconds;
        $this->logger = $logger;
    }

    /**
     * {@inheritdoc}
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        $expiryTime = microtime(true) + $this->nonceValiditySeconds * 1000;
        $signatureValue = md5($expiryTime.':'.$this->key);
        $nonceValue = $expiryTime.':'.$signatureValue;
        $nonceValueBase64 = base64_encode($nonceValue);

        $authenticateHeader = sprintf('Digest realm="%s", qop="auth", nonce="%s"', $this->realmName, $nonceValueBase64);

        if ($authException instanceof NonceExpiredException) {
            $authenticateHeader .= ', stale="true"';
        }

        if (null !== $this->logger) {
            $this->logger->debug('WWW-Authenticate header sent.', array('header' => $authenticateHeader));
        }

        $response = new Response();
        $response->headers->set('WWW-Authenticate', $authenticateHeader);
        $response->setStatusCode(401);

        return $response;
    }

    /**
     * @return string
     */
    public function getKey()
    {
        return $this->key;
    }

    /**
     * @return string
     */
    public function getRealmName()
    {
        return $this->realmName;
    }
}
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`<?php`

normalized license messages in PHP files 2011-01-15 13:29:43 +00:00			`/*`
			`* This file is part of the Symfony package.`
			`*`
replaced symfony-project.org by symfony.com 2011-03-06 11:40:06 +00:00			`* (c) Fabien Potencier <fabien@symfony.com>`
normalized license messages in PHP files 2011-01-15 13:29:43 +00:00			`*`
			`* For the full copyright and license information, please view the LICENSE`
			`* file that was distributed with this source code.`
			`*/`

namespace changes Symfony\Component\Security -> Symfony\Component\Security\Core Symfony\Component\Security\Acl remains unchanged Symfony\Component\HttpKernel\Security -> Symfony\Component\Security\Http 2011-01-26 20:34:11 +00:00			`namespace Symfony\Component\Security\Http\EntryPoint;`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00
namespace changes Symfony\Component\Security -> Symfony\Component\Security\Core Symfony\Component\Security\Acl remains unchanged Symfony\Component\HttpKernel\Security -> Symfony\Component\Security\Http 2011-01-26 20:34:11 +00:00			`use Symfony\Component\Security\Core\Exception\AuthenticationException;`
fixed previous commit 2011-02-04 18:38:42 +00:00			`use Symfony\Component\Security\Core\Exception\NonceExpiredException;`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`use Symfony\Component\HttpFoundation\Response;`
			`use Symfony\Component\HttpFoundation\Request;`
Remove use of deprecated HttpKernel LoggerInterface 2013-01-09 09:41:17 +00:00			`use Psr\Log\LoggerInterface;`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00
			`/**`
			`* DigestAuthenticationEntryPoint starts an HTTP Digest authentication.`
			`*`
replaced symfony-project.org by symfony.com 2011-03-06 11:40:06 +00:00			`* @author Fabien Potencier <fabien@symfony.com>`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`*/`
			`class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterface`
			`{`
[Security] various changes, see below - visibility changes from protected to private - AccountInterface -> UserInterface - SecurityContext::vote() -> SecurityContext::isGranted() 2011-03-07 17:17:46 +00:00			`private $key;`
			`private $realmName;`
			`private $nonceValiditySeconds;`
			`private $logger;`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00
			`public function __construct($realmName, $key, $nonceValiditySeconds = 300, LoggerInterface $logger = null)`
			`{`
			`$this->realmName = $realmName;`
			`$this->key = $key;`
			`$this->nonceValiditySeconds = $nonceValiditySeconds;`
			`$this->logger = $logger;`
			`}`

Added doc comments 2013-08-21 23:25:28 +01:00			`/**`
			`* {@inheritdoc}`
			`*/`
[Security] removed un-needed event parameter from many interfaces 2011-03-18 17:26:55 +00:00			`public function start(Request $request, AuthenticationException $authException = null)`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`{`
			`$expiryTime = microtime(true) + $this->nonceValiditySeconds * 1000;`
			`$signatureValue = md5($expiryTime.':'.$this->key);`
			`$nonceValue = $expiryTime.':'.$signatureValue;`
			`$nonceValueBase64 = base64_encode($nonceValue);`

			`$authenticateHeader = sprintf('Digest realm="%s", qop="auth", nonce="%s"', $this->realmName, $nonceValueBase64);`

			`if ($authException instanceof NonceExpiredException) {`
Php Inspections (EA Extended) - static code analysis includes: Reduce couple count calls in [Yaml] Modernize type casting, fix several strict comparisons Unsets merged Elvis operator usage Short syntax for applied operations 2015-03-07 19:12:23 +00:00			`$authenticateHeader .= ', stale="true"';`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`}`

			`if (null !== $this->logger) {`
[DX] Attempt to improve logging messages with parameters 2015-01-15 09:04:56 +00:00			`$this->logger->debug('WWW-Authenticate header sent.', array('header' => $authenticateHeader));`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`}`

			`$response = new Response();`
			`$response->headers->set('WWW-Authenticate', $authenticateHeader);`
[Security] removed the 401 error custom status message 2012-10-31 16:45:37 +00:00			`$response->setStatusCode(401);`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00
			`return $response;`
			`}`
Added missing method to HTTP Digest entry point 2011-09-06 12:32:33 +01:00
Added doc comments 2013-08-21 23:25:28 +01:00			`/**`
			`* @return string`
			`*/`
Added missing method to HTTP Digest entry point 2011-09-06 12:32:33 +01:00			`public function getKey()`
			`{`
			`return $this->key;`
			`}`

Added doc comments 2013-08-21 23:25:28 +01:00			`/**`
			`* @return string`
			`*/`
Added missing method to HTTP Digest entry point 2011-09-06 12:32:33 +01:00			`public function getRealmName()`
			`{`
			`return $this->realmName;`
			`}`
added the Security Component and its integration into the MVC framework Happy birthday symfony! 2010-10-19 12:06:43 +01:00			`}`