Zend Framework  1.12
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Zend_Auth_Adapter_Http Class Reference

Public Member Functions

 __construct (array $config)
 Constructor.
 
 setBasicResolver (Zend_Auth_Adapter_Http_Resolver_Interface $resolver)
 Setter for the _basicResolver property.
 
 getBasicResolver ()
 Getter for the _basicResolver property.
 
 setDigestResolver (Zend_Auth_Adapter_Http_Resolver_Interface $resolver)
 Setter for the _digestResolver property.
 
 getDigestResolver ()
 Getter for the _digestResolver property.
 
 setRequest (Zend_Controller_Request_Http $request)
 Setter for the Request object.
 
 getRequest ()
 Getter for the Request object.
 
 setResponse (Zend_Controller_Response_Http $response)
 Setter for the Response object.
 
 getResponse ()
 Getter for the Response object.
 
 authenticate ()
 Authenticate.
 

Protected Member Functions

 _challengeClient ()
 Challenge Client.
 
 _basicHeader ()
 Basic Header.
 
 _digestHeader ()
 Digest Header.
 
 _basicAuth ($header)
 Basic Authentication.
 
 _digestAuth ($header)
 Digest Authentication.
 
 _calcNonce ()
 Calculate Nonce.
 
 _calcOpaque ()
 Calculate Opaque.
 
 _parseDigestAuth ($header)
 Parse Digest Authorization header.
 
 _secureStringCompare ($a, $b)
 Securely compare two strings for equality while avoided C level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g.
 

Protected Attributes

 $_request
 
 $_response
 
 $_basicResolver
 
 $_digestResolver
 
 $_supportedSchemes = array('basic', 'digest')
 
 $_acceptSchemes
 
 $_domains
 
 $_realm
 
 $_nonceTimeout
 
 $_useOpaque
 
 $_supportedAlgos = array('MD5')
 
 $_algo
 
 $_supportedQops = array('auth')
 
 $_imaProxy
 
 $_ieNoOpaque
 

Constructor & Destructor Documentation

__construct ( array  $config)

Constructor.

Parameters
array$configConfiguration settings: 'accept_schemes' => 'basic'|'digest'|'basic digest' 'realm' => <string> 'digest_domains' => <string> Space-delimited list of URIs 'nonce_timeout' => <int> 'use_opaque' => <bool> Whether to send the opaque value in the header 'alogrithm' => <string> See $_supportedAlgos. Default: MD5 'proxy_auth' => <bool> Whether to do authentication as a Proxy
Exceptions
Zend_Auth_Adapter_Exception
Returns
void
See Also
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception

Member Function Documentation

_basicAuth (   $header)
protected

Basic Authentication.

Parameters
string$headerClient's Authorization header
Exceptions
Zend_Auth_Adapter_Exception
Returns
Zend_Auth_Result
See Also
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
_basicHeader ( )
protected

Basic Header.

Generates a Proxy- or WWW-Authenticate header value in the Basic authentication scheme.

Returns
string Authenticate header value
_calcNonce ( )
protected

Calculate Nonce.

Returns
string The nonce value
_calcOpaque ( )
protected

Calculate Opaque.

The opaque string can be anything; the client must return it exactly as it was sent. It may be useful to store data in this string in some applications. Ideally, a new value for this would be generated each time a WWW-Authenticate header is sent (in order to reduce predictability), but we would have to be able to create the same exact value across at least two separate requests from the same client.

Returns
string The opaque value
_challengeClient ( )
protected

Challenge Client.

Sets a 401 or 407 Unauthorized response code, and creates the appropriate Authenticate header(s) to prompt for credentials.

Returns
Zend_Auth_Result Always returns a non-identity Auth result
_digestAuth (   $header)
protected

Digest Authentication.

Parameters
string$headerClient's Authorization header
Exceptions
Zend_Auth_Adapter_Exception
Returns
Zend_Auth_Result Valid auth result only on successful auth
See Also
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception
_digestHeader ( )
protected

Digest Header.

Generates a Proxy- or WWW-Authenticate header value in the Digest authentication scheme.

Returns
string Authenticate header value
_parseDigestAuth (   $header)
protected

Parse Digest Authorization header.

Parameters
string$headerClient's Authorization: HTTP header
Returns
array|false Data elements from header, or false if any part of the header is invalid
_secureStringCompare (   $a,
  $b 
)
protected

Securely compare two strings for equality while avoided C level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g.

password) being compared against.

Parameters
string$a
string$b
Returns
bool
authenticate ( )

Authenticate.

Exceptions
Zend_Auth_Adapter_Exception
Returns
Zend_Auth_Result
See Also
Zend_Auth_Adapter_Exception
Zend_Auth_Adapter_Exception

Implements Zend_Auth_Adapter_Interface.

getBasicResolver ( )

Getter for the _basicResolver property.

Returns
Zend_Auth_Adapter_Http_Resolver_Interface
getDigestResolver ( )

Getter for the _digestResolver property.

Returns
Zend_Auth_Adapter_Http_Resolver_Interface
getRequest ( )

Getter for the Request object.

Returns
Zend_Controller_Request_Http
getResponse ( )

Getter for the Response object.

Returns
Zend_Controller_Response_Http
setBasicResolver ( Zend_Auth_Adapter_Http_Resolver_Interface  $resolver)

Setter for the _basicResolver property.

Parameters
Zend_Auth_Adapter_Http_Resolver_Interface$resolver
Returns
Zend_Auth_Adapter_Http Provides a fluent interface
setDigestResolver ( Zend_Auth_Adapter_Http_Resolver_Interface  $resolver)

Setter for the _digestResolver property.

Parameters
Zend_Auth_Adapter_Http_Resolver_Interface$resolver
Returns
Zend_Auth_Adapter_Http Provides a fluent interface
setRequest ( Zend_Controller_Request_Http  $request)

Setter for the Request object.

Parameters
Zend_Controller_Request_Http$request
Returns
Zend_Auth_Adapter_Http Provides a fluent interface
setResponse ( Zend_Controller_Response_Http  $response)

Setter for the Response object.

Parameters
Zend_Controller_Response_Http$response
Returns
Zend_Auth_Adapter_Http Provides a fluent interface

Member Data Documentation

$_acceptSchemes
protected
$_algo
protected
$_basicResolver
protected
$_digestResolver
protected
$_domains
protected
$_ieNoOpaque
protected
$_imaProxy
protected
$_nonceTimeout
protected
$_realm
protected
$_request
protected
$_response
protected
$_supportedAlgos = array('MD5')
protected
$_supportedQops = array('auth')
protected
$_supportedSchemes = array('basic', 'digest')
protected
$_useOpaque
protected
Generated by   doxygen 1.8.3