From 9570320a3bc43ad1ca99190390eb8c4b4fa4fb14 Mon Sep 17 00:00:00 2001 From: Dave Mc Nicoll Date: Mon, 13 Nov 2023 14:23:24 -0500 Subject: [PATCH] - Work done to support Basic / Bearer / Digest method --- src/Authorize/Header/BasicMethod.php | 7 ++++--- src/Authorize/Header/BearerMethod.php | 2 +- src/Authorize/Header/DigestMethod.php | 2 +- src/Authorize/Header/MethodInterface.php | 10 ++++++++++ src/Authorize/HeaderAuthentication.php | 11 +++++++---- src/Entity/BasicAuthUserInterface.php | 8 ++++++++ src/Entity/DigestAuthUserInterface.php | 2 +- src/Entity/User.php | 2 +- 8 files changed, 33 insertions(+), 11 deletions(-) create mode 100644 src/Authorize/Header/MethodInterface.php create mode 100644 src/Entity/BasicAuthUserInterface.php diff --git a/src/Authorize/Header/BasicMethod.php b/src/Authorize/Header/BasicMethod.php index eda349f..954dde7 100644 --- a/src/Authorize/Header/BasicMethod.php +++ b/src/Authorize/Header/BasicMethod.php @@ -3,13 +3,14 @@ namespace Ulmus\User\Authorize\Header; use Psr\Http\Message\ServerRequestInterface; +use Ulmus\User\Entity\BasicAuthUserInterface; use Ulmus\User\Entity\UserInterface; use Ulmus\User\Lib\Authorize; -class BasicMethod +class BasicMethod implements MethodInterface { public function __construct( - protected UserInterface $user, + protected BasicAuthUserInterface $user, protected string|array $arguments ) {} @@ -28,7 +29,7 @@ class BasicMethod throw new \RuntimeException("A password must be provided"); } - ( new Authorize($this->user) )->authenticate([ 'email' => $userName, 'username' => $userName ], $password); + ( new Authorize($this->user) )->authenticate([ $this->user->usernameField() => $userName ], $password); return $this->user->loggedIn(); } diff --git a/src/Authorize/Header/BearerMethod.php b/src/Authorize/Header/BearerMethod.php index 86147f4..9b627ae 100644 --- a/src/Authorize/Header/BearerMethod.php +++ b/src/Authorize/Header/BearerMethod.php @@ -5,7 +5,7 @@ namespace Ulmus\User\Authorize\Header; use Psr\Http\Message\ServerRequestInterface; use Ulmus\User\Entity\UserInterface; -class BearerMethod +class BearerMethod implements MethodInterface { public function __construct( protected UserInterface $user, diff --git a/src/Authorize/Header/DigestMethod.php b/src/Authorize/Header/DigestMethod.php index ddf2a8b..7968a85 100644 --- a/src/Authorize/Header/DigestMethod.php +++ b/src/Authorize/Header/DigestMethod.php @@ -5,7 +5,7 @@ namespace Ulmus\User\Authorize\Header; use Psr\Http\Message\ServerRequestInterface; use Ulmus\User\Entity\DigestAuthUserInterface; -class DigestMethod +class DigestMethod implements MethodInterface { public function __construct( protected DigestAuthUserInterface $user, diff --git a/src/Authorize/Header/MethodInterface.php b/src/Authorize/Header/MethodInterface.php new file mode 100644 index 0000000..3f12ed1 --- /dev/null +++ b/src/Authorize/Header/MethodInterface.php @@ -0,0 +1,10 @@ +execute($request); + $methodObj = new Header\BasicMethod($user, $value); + break; case "digest": if (! $user instanceof DigestAuthUserInterface) { throw new \RuntimeException("Your user entity must provide a valid hash of `user:realm:password` "); } - return (new Header\DigestMethod($user, $value))->execute($request); + $method = new Header\DigestMethod($user, $value); + break; case "bearer": - return (new Header\BearerMethod($user, $value))->execute($request); + $method = new Header\BearerMethod($user, $value); + break; default: throw new \InvalidArgumentException("An authentication method must be provided"); } } - return false; + return isset($methodObj) && $methodObj->execute($request); } diff --git a/src/Entity/BasicAuthUserInterface.php b/src/Entity/BasicAuthUserInterface.php new file mode 100644 index 0000000..2c939ca --- /dev/null +++ b/src/Entity/BasicAuthUserInterface.php @@ -0,0 +1,8 @@ +password); + return password_verify($password, $this->password ?? null); } public function fullName() : string