- Work done to support Basic / Bearer / Digest method
This commit is contained in:
Dave Mc Nicoll
parent
0f2886b266
commit
9570320a3b
|
|
@ -3,13 +3,14 @@
|
||||||
namespace Ulmus\User\Authorize\Header;
|
namespace Ulmus\User\Authorize\Header;
|
||||||
|
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
|
use Ulmus\User\Entity\BasicAuthUserInterface;
|
||||||
use Ulmus\User\Entity\UserInterface;
|
use Ulmus\User\Entity\UserInterface;
|
||||||
use Ulmus\User\Lib\Authorize;
|
use Ulmus\User\Lib\Authorize;
|
||||||
|
|
||||||
class BasicMethod
|
class BasicMethod implements MethodInterface
|
||||||
{
|
{
|
||||||
public function __construct(
|
public function __construct(
|
||||||
protected UserInterface $user,
|
protected BasicAuthUserInterface $user,
|
||||||
protected string|array $arguments
|
protected string|array $arguments
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
|
|
@ -28,7 +29,7 @@ class BasicMethod
|
||||||
throw new \RuntimeException("A password must be provided");
|
throw new \RuntimeException("A password must be provided");
|
||||||
}
|
}
|
||||||
|
|
||||||
( new Authorize($this->user) )->authenticate([ 'email' => $userName, 'username' => $userName ], $password);
|
( new Authorize($this->user) )->authenticate([ $this->user->usernameField() => $userName ], $password);
|
||||||
|
|
||||||
return $this->user->loggedIn();
|
return $this->user->loggedIn();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ namespace Ulmus\User\Authorize\Header;
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Ulmus\User\Entity\UserInterface;
|
use Ulmus\User\Entity\UserInterface;
|
||||||
|
|
||||||
class BearerMethod
|
class BearerMethod implements MethodInterface
|
||||||
{
|
{
|
||||||
public function __construct(
|
public function __construct(
|
||||||
protected UserInterface $user,
|
protected UserInterface $user,
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ namespace Ulmus\User\Authorize\Header;
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Ulmus\User\Entity\DigestAuthUserInterface;
|
use Ulmus\User\Entity\DigestAuthUserInterface;
|
||||||
|
|
||||||
class DigestMethod
|
class DigestMethod implements MethodInterface
|
||||||
{
|
{
|
||||||
public function __construct(
|
public function __construct(
|
||||||
protected DigestAuthUserInterface $user,
|
protected DigestAuthUserInterface $user,
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,10 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Ulmus\User\Authorize\Header;
|
||||||
|
|
||||||
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
|
|
||||||
|
interface MethodInterface
|
||||||
|
{
|
||||||
|
public function execute(ServerRequestInterface $request) : bool;
|
||||||
|
}
|
||||||
|
|
@ -15,24 +15,27 @@ class HeaderAuthentication implements AuthorizeMethodInterface
|
||||||
|
|
||||||
switch(strtolower($method)) {
|
switch(strtolower($method)) {
|
||||||
case "basic":
|
case "basic":
|
||||||
return (new Header\BasicMethod($user, $value))->execute($request);
|
$methodObj = new Header\BasicMethod($user, $value);
|
||||||
|
break;
|
||||||
|
|
||||||
case "digest":
|
case "digest":
|
||||||
if (! $user instanceof DigestAuthUserInterface) {
|
if (! $user instanceof DigestAuthUserInterface) {
|
||||||
throw new \RuntimeException("Your user entity must provide a valid hash of `user:realm:password` ");
|
throw new \RuntimeException("Your user entity must provide a valid hash of `user:realm:password` ");
|
||||||
}
|
}
|
||||||
|
|
||||||
return (new Header\DigestMethod($user, $value))->execute($request);
|
$method = new Header\DigestMethod($user, $value);
|
||||||
|
break;
|
||||||
|
|
||||||
case "bearer":
|
case "bearer":
|
||||||
return (new Header\BearerMethod($user, $value))->execute($request);
|
$method = new Header\BearerMethod($user, $value);
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
throw new \InvalidArgumentException("An authentication method must be provided");
|
throw new \InvalidArgumentException("An authentication method must be provided");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return isset($methodObj) && $methodObj->execute($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,8 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Ulmus\User\Entity;
|
||||||
|
|
||||||
|
interface BasicAuthUserInterface extends UserInterface
|
||||||
|
{
|
||||||
|
public function usernameField() : string;
|
||||||
|
}
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
namespace Ulmus\User\Entity;
|
namespace Ulmus\User\Entity;
|
||||||
|
|
||||||
interface DigestAuthUserInterface
|
interface DigestAuthUserInterface extends UserInterface
|
||||||
{
|
{
|
||||||
# Represent a hash (md5, sha256, ...) of username:realm:password
|
# Represent a hash (md5, sha256, ...) of username:realm:password
|
||||||
public function getSecretHash() : string;
|
public function getSecretHash() : string;
|
||||||
|
|
|
||||||
|
|
@ -77,7 +77,7 @@ abstract class User implements UserInterface {
|
||||||
|
|
||||||
public function verifyPassword(string $password) : bool
|
public function verifyPassword(string $password) : bool
|
||||||
{
|
{
|
||||||
return password_verify($password, $this->password);
|
return password_verify($password, $this->password ?? null);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function fullName() : string
|
public function fullName() : string
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue