  1. <?php
  2. /**
  3. * Base include file for SimpleTest
  4. * @package SimpleTest
  5. * @subpackage WebTester
  6. * @version $Id: authentication.php 2011 2011-04-29 08:22:48Z pp11 $
  7. */
  8. /**
  9. * include http class
  10. */
  11. require_once(dirname(__FILE__) . '/http.php');
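  /**
   * Represents a single security realm's identity.
   *
   * The realm is treated as a directory subtree rooted at $root: a URL is
   * inside the realm when its path starts with $root. SimpleAuthenticator
   * uses that answer to decide whether the stored username and password
   * are attached to a request, so the root must be exactly the common
   * directory of the locations added to the realm.
   *
   * @package SimpleTest
   * @subpackage WebTester
   */
  class SimpleRealm {
      private $type;
      private $root;
      private $username;
      private $password;

      /**
       * Starts with the initial entry directory.
       *
       * Declared as __construct(): a method named after its class is no
       * longer run as the constructor on PHP 8, which would leave $root
       * unset and the identity fields uninitialised.
       *
       * @param string $type    Authentication type for this realm. Stored
       *                        as given; nothing in this class reads it back.
       * @param SimpleUrl $url  Somewhere in realm.
       * @access public
       */
      public function __construct($type, $url) {
          $this->type = $type;
          // NOTE(review): getBasePath() is assumed to end in '/'; the prefix
          // test in isIn() relies on that to stop at a directory boundary.
          $this->root = $url->getBasePath();
          $this->username = false;
          $this->password = false;
      }

      /**
       * Adds another location to the realm by shrinking the root to the
       * directory shared by the current root and the new URL.
       *
       * @param SimpleUrl $url  Somewhere in realm.
       * @access public
       */
      public function stretch($url) {
          $this->root = $this->getCommonPath($this->root, $url->getPath());
      }

      /**
       * Finds the common starting path of two '/'-separated paths.
       *
       * @param string $first   Path to compare.
       * @param string $second  Path to compare.
       * @return string         Common directories, with one trailing '/'.
       * @access private
       */
      protected function getCommonPath($first, $second) {
          $first = explode('/', $first);
          $second = explode('/', $second);
          $limit = min(count($first), count($second));
          for ($i = 0; $i < $limit; $i++) {
              // Strict comparison: with != two numeric-looking segments such
              // as '10' and '1e1' compare equal, which yields a root that is
              // not really shared by both paths.
              if ($first[$i] !== $second[$i]) {
                  return implode('/', array_slice($first, 0, $i)) . '/';
              }
          }
          // No mismatch: one path is a segment-wise prefix of the other (or
          // they are identical). Keep only the shared segments and avoid
          // doubling the trailing slash, otherwise stretching '/a/b/' with
          // '/a/b/' produced '/a/b//', a root no URL can match.
          $common = implode('/', array_slice($first, 0, $limit));
          return (substr($common, -1) === '/') ? $common : $common . '/';
      }

      /**
       * Sets the identity to try within this realm.
       *
       * @param string $username  Username in authentication dialog.
       * @param string $password  Password in authentication dialog.
       * @access public
       */
      public function setIdentity($username, $password) {
          $this->username = $username;
          $this->password = $password;
      }

      /**
       * Accessor for current identity.
       *
       * @return string|false  Username last set with setIdentity(), or
       *                       false when none has been set.
       * @access public
       */
      public function getUsername() {
          return $this->username;
      }

      /**
       * Accessor for current identity.
       *
       * @return string|false  Password last set with setIdentity(), or
       *                       false when none has been set.
       * @access public
       */
      public function getPassword() {
          return $this->password;
      }

      /**
       * Test to see if the URL is within the directory tree of the realm.
       *
       * Two candidates are tried: the URL's base path, and the base path
       * with the page name appended as if it were a directory, so that a
       * directory URL written without its trailing slash still matches.
       *
       * @param SimpleUrl $url  URL to test.
       * @return boolean        True if subpath.
       * @access public
       */
      public function isWithin($url) {
          $directory = $url->getBasePath();
          if ($this->isIn($this->root, $directory)) {
              return true;
          }
          return $this->isIn($this->root, $directory . $url->getPage() . '/');
      }

      /**
       * Tests to see if one string is the leading part of another.
       *
       * @param string $part   Small bit.
       * @param string $whole  Big bit.
       * @return boolean       True if the big bit starts with the small bit.
       * @access private
       */
      protected function isIn($part, $whole) {
          return strpos($whole, $part) === 0;
      }
  }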
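  /**
   * Manages security realms.
   *
   * Realms are indexed by $url->getHost() and realm name only. Neither
   * the scheme nor (unless getHost() includes it, which is not visible
   * here) the port is part of the key, so an identity stored for a host
   * is presented to that host name whatever scheme the request uses.
   *
   * @package SimpleTest
   * @subpackage WebTester
   */
  class SimpleAuthenticator {
      private $realms;

      /**
       * Clears the realms.
       *
       * Declared as __construct(): a method named after its class is no
       * longer run as the constructor on PHP 8.
       *
       * @access public
       */
      public function __construct() {
          $this->restartSession();
      }

      /**
       * Starts with no realms set up. Every stored identity is dropped.
       *
       * @access public
       */
      public function restartSession() {
          $this->realms = array();
      }

      /**
       * Adds a new realm centered on the current URL.
       * Browsers vary wildly on their behaviour in this
       * regard. Mozilla ignores the realm and presents
       * only when challenged, wasting bandwidth. IE
       * just carries on presenting until a new challenge
       * occurs. SimpleTest tries to follow the spirit of
       * the original standards committee and treats the
       * base URL as the root of a file tree shaped realm.
       *
       * An existing realm with the same host and name is replaced,
       * together with any identity it held.
       *
       * @param SimpleUrl $url  Base of realm.
       * @param string $type    Authentication type for this
       *                        realm. Only Basic authentication
       *                        is currently supported.
       * @param string $realm   Name of realm.
       * @access public
       */
      public function addRealm($url, $type, $realm) {
          $this->realms[$url->getHost()][$realm] = new SimpleRealm($type, $url);
      }

      /**
       * Sets the current identity to be presented
       * against that realm. Does nothing when the realm
       * has not been added for that host.
       *
       * @param string $host      Server hosting realm.
       * @param string $realm     Name of realm.
       * @param string $username  Username for realm.
       * @param string $password  Password for realm.
       * @access public
       */
      public function setIdentityForRealm($host, $realm, $username, $password) {
          if (isset($this->realms[$host][$realm])) {
              $this->realms[$host][$realm]->setIdentity($username, $password);
          }
      }

      /**
       * Finds the realm covering a URL by comparing URLs.
       *
       * @param SimpleUrl $url      URL to test.
       * @return SimpleRealm|false  First realm registered for the URL's
       *                            host that contains the URL, or false.
       * @access private
       */
      protected function findRealmFromUrl($url) {
          $host = $url->getHost();
          if (! isset($this->realms[$host])) {
              return false;
          }
          foreach ($this->realms[$host] as $realm) {
              if ($realm->isWithin($url)) {
                  return $realm;
              }
          }
          return false;
      }

      /**
       * Presents the appropriate headers for this location.
       *
       * Credentials embedded in the URL take precedence; otherwise the
       * identity of the realm covering the URL is used. Nothing is added
       * when neither source supplies both a username and a password.
       * The URL scheme is not consulted, so the header is added to
       * plain-HTTP requests as well.
       *
       * @param SimpleHttpRequest $request  Request to modify.
       * @param SimpleUrl $url              Base of realm.
       * @access public
       */
      public function addHeaders(&$request, $url) {
          $username = $url->getUsername();
          $password = $url->getPassword();
          if (! (self::hasValue($username) && self::hasValue($password))) {
              $realm = $this->findRealmFromUrl($url);
              if (! $realm) {
                  return;
              }
              $username = $realm->getUsername();
              $password = $realm->getPassword();
          }
          $this->addBasicHeaders($request, $username, $password);
      }

      /**
       * Presents the appropriate headers for this
       * location for basic authentication.
       *
       * Basic credentials are only base64-encoded, not encrypted:
       * anyone who can read the request can recover the password, so
       * the header is only confidential over an encrypted transport.
       * An empty username or password still suppresses the header, as
       * before.
       *
       * @param SimpleHttpRequest $request  Request to modify.
       * @param string $username            Username for realm.
       * @param string $password            Password for realm.
       * @access public
       */
      public static function addBasicHeaders(&$request, $username, $password) {
          if (self::hasValue($username) && self::hasValue($password)) {
              $request->addHeaderLine(
                      'Authorization: Basic ' . base64_encode("$username:$password"));
          }
      }

      /**
       * Tells whether a credential part has been supplied.
       *
       * A plain truthiness test treats the string '0' as absent, which
       * silently dropped the header for a username or password of '0'.
       * Non-string values keep their ordinary truthiness, so the false
       * placeholder of an unset identity still counts as missing.
       *
       * @param mixed $value  Username or password candidate.
       * @return boolean      True if the value should be sent.
       */
      private static function hasValue($value) {
          return is_string($value) ? $value !== '' : (bool) $value;
      }
  }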
  220. ?>