authparams : add the method used to matche the user
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5292 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
This commit is contained in:
@@ -11,6 +11,8 @@ class authparams
|
||||
public $email = null;
|
||||
/** The password of the user when provided */
|
||||
public $password = null;
|
||||
/** The method used to get the authentication data */
|
||||
public $method = null;
|
||||
|
||||
/** Parse the different authentication processes to found the email/password
|
||||
* of the user.
|
||||
@@ -24,6 +26,7 @@ class authparams
|
||||
{
|
||||
$this->email = "cli";
|
||||
$this->password = "";
|
||||
$this->method = null;
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -34,12 +37,14 @@ class authparams
|
||||
$res = $this->$authprocess();
|
||||
$this->email = $res["email"];
|
||||
$this->password = $res["password"];
|
||||
$this->method = $authprocess;
|
||||
break;
|
||||
}
|
||||
catch (\Exception $e)
|
||||
{
|
||||
$this->email = "anonymous";
|
||||
$this->password = "anonymous";
|
||||
$this->method = null;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -63,8 +68,8 @@ class authparams
|
||||
public function session ()
|
||||
// {{{
|
||||
{
|
||||
if (!isset ($_SESSION))
|
||||
throw new \Exception ("No session previously opened", 403);
|
||||
if (!isset ($_SESSION) || session_id () === "")
|
||||
session_start ();
|
||||
if (!isset ($_SESSION["domframework"]["auth"]["email"]) ||
|
||||
!isset ($_SESSION["domframework"]["auth"]["password"]))
|
||||
throw new \Exception ("No previous email in session", 403);
|
||||
@@ -78,8 +83,7 @@ class authparams
|
||||
public function http ()
|
||||
// {{{
|
||||
{
|
||||
$realm = dgettext ("domframework",
|
||||
"Restricted access");
|
||||
$realm = dgettext ("domframework", "Restricted access");
|
||||
if (!isset ($_SERVER['PHP_AUTH_USER']))
|
||||
{
|
||||
throw new \Exception ("No user defined in HTTP header", 401);
|
||||
@@ -111,13 +115,13 @@ class authparams
|
||||
}
|
||||
// }}}
|
||||
|
||||
/** Get the information from a JSON Web Token
|
||||
/** Get the information from a Bearer Token
|
||||
* The token MUST be set in HTTP Header :
|
||||
* Authorization: Bearer <token>
|
||||
* The real verification are done in authjwt, as we can not have the
|
||||
* jwtServerKey defined in property : the execution is done in constructor
|
||||
*/
|
||||
public function jwt ()
|
||||
public function bearer ()
|
||||
// {{{
|
||||
{
|
||||
if (! isset ($_SERVER["HTTP_AUTHENTICATION"]))
|
||||
@@ -125,8 +129,8 @@ class authparams
|
||||
if (substr ($_SERVER["HTTP_AUTHENTICATION"], 0, 7) !== "Bearer ")
|
||||
throw new \Exception ("No Bearer Authentication available", 401);
|
||||
$token = substr ($_SERVER["HTTP_AUTHENTICATION"], 7);
|
||||
return ["email" => "NOT YET VALID : TOKEN IN JWT",
|
||||
"password" => "NONE IN JWT"];
|
||||
return array ("email" => "NOT YET VALID : TOKEN IN JWT",
|
||||
"password" => "NONE IN JWT");
|
||||
}
|
||||
// }}}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user