Startseite Erkunden Hilfe
Registrieren Anmelden
aj
/
chamilo-lms2
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Branch: ofajdev2017
Branches Tags
chamilo-lms2
/
main
/
webservices
/
http-auth.php

http-auth.php 2.2 KB
Permalink Verlauf Originalformat

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. <?php
    2. 

  2. /* For licensing terms, see /license.txt */
    3. 

  3. /**
    4. 

  4.  * @package chamilo.webservices
    5. 

  5.  */
    6. 

  6. $realm = 'The batcave';
    7. 

  7. 

  8. // Just a random id
    9. 

  9. $nonce = uniqid();
    10. 

  10. 

  11. // Get the digest from the http header
    12. 

  12. $digest = getDigest();
    13. 

  13. 

  14. // If there was no digest, show login
    15. 

  15. if (is_null($digest)) requireLogin($realm, $nonce);
    16. 

  16. 

  17. $digestParts = digestParse($digest);
    18. 

  18. 

  19. $validUser = 'admin';
    20. 

  20. $validPass = 'admin';
    21. 

  21. 

  22. // Based on all the info we gathered we can figure out what the response should be
    23. 

  23. $A1 = md5("{$digestParts['username']}:{$realm}:{$validPass}");
    24. 

  24. $A2 = md5("{$_SERVER['REQUEST_METHOD']}:{$digestParts['uri']}");
    25. 

  25. 

  26. $validResponse = md5("{$A1}:{$digestParts['nonce']}:{$digestParts['nc']}:{$digestParts['cnonce']}:{$digestParts['qop']}:{$A2}");
    27. 

  27. 

  28. if ($digestParts['response'] != $validResponse)
    29. 

  29.   requireLogin($realm, $nonce);
    30. 

  30. else {
    31. 

  31.   // We're in!
    32. 

  32.   echo 'a7532ae474e5e66a0c16eddab02e02a7';
    33. 

  33.   die();
    34. 

  34. }
    35. 

  35. 

  36. // This function returns the digest string
    37. 

  37. function getDigest() {
    38. 

  38. 

  39.     // mod_php
    40. 

  40.     if (isset($_SERVER['PHP_AUTH_DIGEST'])) {
    41. 

  41.         $digest = $_SERVER['PHP_AUTH_DIGEST'];
    42. 

  42.     // most other servers
    43. 

  43.     }
    44. 

  44.     elseif (isset($_SERVER['HTTP_AUTHENTICATION'])) {
    45. 

  45.       if (strpos(strtolower($_SERVER['HTTP_AUTHENTICATION']), 'digest') === 0)
    46. 

  46.         $digest = substr($_SERVER['HTTP_AUTHORIZATION'], 7);
    47. 

  47.     }
    48. 

  48.     elseif (isset($_SERVER['HTTP_WWW_AUTHENTICATE'])) {
    49. 

  49.       $digest = $_SERVER['HTTP_WWW_AUTHENTICATE'];
    50. 

  50.     }
    51. 

  51.     return $digest;
    52. 

  52. 

  53. }
    54. 

  54. 

  55. // This function forces a login prompt
    56. 

  56. function requireLogin($realm, $nonce) {
    57. 

  57.     header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth",nonce="'.$nonce.'",opaque="'.md5($realm).'"');
    58. 

  58.     header('HTTP/1.1 401');
    59. 

  59.     echo 'Authentication Canceled';
    60. 

  60.     die();
    61. 

  61. }
    62. 

  62. 

  63. // This function extracts the separate values from the digest string
    64. 

  64. function digestParse($digest) {
    65. 

  65.     // protect against missing data
    66. 

  66.     $needed_parts = array('nonce' => 1, 'nc' => 1, 'cnonce' => 1, 'qop' => 1, 'username' => 1, 'uri' => 1, 'response' => 1);
    67. 

  67.     $data = array();
    68. 

  68. 

  69.     preg_match_all('@(\w+)=(?:(?:")([^"]+)"|([^\s,$]+))@', $digest, $matches, PREG_SET_ORDER);
    70. 

  70. 

  71.     foreach ($matches as $m) {
    72. 

  72.         $data[$m[1]] = $m[2] ? $m[2] : $m[3];
    73. 

  73.         unset($needed_parts[$m[1]]);
    74. 

  74.     }
    75. 

  75.     return $needed_parts ? false : $data;
    76. 

  76. }
    77.