Add authentication by JSON Web Token

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5287 bf3deb0d-5f1a-0410-827f-c0cc1f45334c

authjwt.php

@@ -0,0 +1,77 @@
+<?php
+/** DomFramework
+  * @package domframework
+  * @author Dominique Fournier <dominique@fournier38.fr>
+  */
+
+/** User authentication against JSON Web Token */
+class authjwt extends auth
+{
+  /** If the user is valid, return the email in details
+    */
+  private $email = null;
+  /** No connection to JWT */
+  public function connect ()
+  // {{{
+  {
+    return TRUE;
+  }
+  // }}}
+
+  /** Try to authenticate the email/password of the user
+    * @param string $email Email to authenticate
+    * @param string $password Password to authenticate
+    */
+  public function authentication ($email, $password)
+  {
+    if (! isset ($_SERVER["HTTP_AUTHENTICATION"]))
+      throw new \Exception ("No Authentication available", 401);
+    if (substr ($_SERVER["HTTP_AUTHENTICATION"], 0, 7) !== "Bearer")
+      throw new \Exception ("No Bearer Authentication available", 401);
+    // The JWT was tested in authparams. End of process
+    $this->email = $email;
+  }
+
+  /** Return all the parameters recorded for the authenticate user */
+  public function getdetails ()
+  {
+    if ($email === null)
+      return array ("lastname"  => "anonymous",
+                    "firstname" => "",
+                    "email"     => "anonymous");
+    return array ("email" => $this->email);
+  }
+
+  /** Method to change the password : unavailable in SESSION auth
+    * @param string $oldpassword The old password (to check if the user have the
+    *    rights to change the password)
+    * @param string $newpassword The new password to be recorded
+    */
+  public function changepassword ($oldpassword, $newpassword)
+  {
+    throw new \Exception (dgettext ("domframework",
+                         "The password can't be change for JWT users"),
+                         405);
+  }
+
+  /** Method to overwrite the password (without oldpassword check)
+    * Must be reserved to the administrators. For the users, use changepassword
+    * method
+    * @param string $email the user identifier to select
+    * @param string $newpassword The new password to be recorded
+    */
+  public function overwritepassword ($email, $newpassword)
+  {
+    throw new \Exception (dgettext ("domframework",
+                         "The password can't be overwrite for JWT users"),
+                         405);
+  }
+
+  /** Remove the information from the session */
+  public function logout ()
+  {
+    throw new \Exception (dgettext ("domframework",
+                         "The logout is not available for JWT users"),
+                         405);
+  }
+}