feature #32231 [HttpClient] Add support for NTLM authentication (nicolas-grekas)
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] Add support for NTLM authentication
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Someone mentioned NTLM auth on Twitter, so here we are, this adds support for it.
Requires curl.
Commits
-------
548f4fd0ea [HttpClient] Add support for NTLM authentication
This commit is contained in:
Fabien Potencier
commit
df13b506eb
@ -1399,6 +1399,9 @@ class Configuration implements ConfigurationInterface
|
||||
->scalarNode('auth_bearer')
|
||||
->info('A token enabling HTTP Bearer authorization.')
|
||||
->end()
|
||||
->scalarNode('auth_ntlm')
|
||||
->info('A "username:password" pair to use Microsoft NTLM authentication (requires the cURL extension).')
|
||||
->end()
|
||||
->arrayNode('query')
|
||||
->info('Associative array of query string values merged with the base URI.')
|
||||
->useAttributeAsKey('key')
|
||||
|
||||
@ -6,6 +6,7 @@ CHANGELOG
|
||||
|
||||
* made `Psr18Client` implement relevant PSR-17 factories
|
||||
* added `HttplugClient`
|
||||
* added support for NTLM authentication
|
||||
|
||||
4.3.0
|
||||
-----
|
||||
|
||||
@ -37,7 +37,10 @@ final class CurlHttpClient implements HttpClientInterface, LoggerAwareInterface
|
||||
use HttpClientTrait;
|
||||
use LoggerAwareTrait;
|
||||
|
||||
private $defaultOptions = self::OPTIONS_DEFAULTS;
|
||||
private $defaultOptions = self::OPTIONS_DEFAULTS + [
|
||||
'auth_ntlm' => null, // array|string - an array containing the username as first value, and optionally the
|
||||
// password as the second one; or string like username:password - enabling NTLM auth
|
||||
];
|
||||
|
||||
/**
|
||||
* An internal object to share state between the client and its responses.
|
||||
@ -150,6 +153,25 @@ final class CurlHttpClient implements HttpClientInterface, LoggerAwareInterface
|
||||
CURLOPT_CERTINFO => $options['capture_peer_cert_chain'],
|
||||
];
|
||||
|
||||
if (isset($options['auth_ntlm'])) {
|
||||
$curlopts[CURLOPT_HTTPAUTH] = CURLAUTH_NTLM;
|
||||
|
||||
if (\is_array($options['auth_ntlm'])) {
|
||||
$count = \count($options['auth_ntlm']);
|
||||
if ($count <= 0 || $count > 2) {
|
||||
throw new InvalidArgumentException(sprintf('Option "auth_ntlm" must contain 1 or 2 elements, %s given.', $count));
|
||||
}
|
||||
|
||||
$options['auth_ntlm'] = implode(':', $options['auth_ntlm']);
|
||||
}
|
||||
|
||||
if (!\is_string($options['auth_ntlm'])) {
|
||||
throw new InvalidArgumentException(sprintf('Option "auth_ntlm" must be string or an array, %s given.', \gettype($options['auth_ntlm'])));
|
||||
}
|
||||
|
||||
$curlopts[CURLOPT_USERPWD] = $options['auth_ntlm'];
|
||||
}
|
||||
|
||||
if (!ZEND_THREAD_SAFE) {
|
||||
$curlopts[CURLOPT_DNS_USE_GLOBAL_CACHE] = false;
|
||||
}
|
||||
|
||||
@ -179,6 +179,10 @@ trait HttpClientTrait
|
||||
}
|
||||
}
|
||||
|
||||
if ('auth_ntlm' === $name) {
|
||||
throw new InvalidArgumentException(sprintf('Option "%s" is not supported by %s, try using CurlHttpClient instead.', __CLASS__));
|
||||
}
|
||||
|
||||
throw new InvalidArgumentException(sprintf('Unsupported option "%s" passed to %s, did you mean "%s"?', $name, __CLASS__, implode('", "', $alternatives ?: array_keys($defaultOptions))));
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user