cougar_tutorial/lib/Security/DbBasicAuthenticationProvider.php at step3 · alfmel/cougar_tutorial · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<?php

namespace CougarTutorial\Security;

use Cougar\Security\iAuthenticationProvider;
use Cougar\Security\iIdentity;
use Cougar\Security\Identity;
use Cougar\RestService\iRestService;
use Cougar\Exceptions\AuthenticationRequiredException;

/**
 * Implements the Cougar Authentication Provider interface via HTTP Basic
 * Authentication. It verifies usernames and passwords and obtains identities
 * from the User model that implements the Identity interface.
 */
class DbBasicAuthenticationProvider implements iAuthenticationProvider
{
    /**
     * Accepts references to a Cougar RestService and an object implementing the
     * Identity interface.
     *
     * @param \Cougar\RestService\iRestService $rest_service
     *   RestService object used to retrieve Authorization header
     * @param iIdentityProvider $identity_provider
     *   Identity provider object that will validate and obtain the identity
     */
    public function __construct(iRestService $rest_service,
        iIdentityProvider $identity_provider)
    {
        // Store the references
        $this->restService = $rest_service;
        $this->identityProvider = $identity_provider;
    }


    /***************************************************************************
     * PUBLIC PROPERTIES AND METHODS
     **************************************************************************/

    /**
     * Authenticates the client. If authentication is successful, the method
     * will return an object that implements the iIdentity object. If
     * authentication fails, the method should return a null.
     *
     * @return iIdentity Identity object
     * @throws \Cougar\Exceptions\AuthenticationRequiredException
     */
    public function authenticate()
    {
        // PHP automatically parses the Authorization header for us; we just
        // need to check if the PHP_AUTH_USER key exists in the $_SERVER
        // superglobal
        if (array_key_exists("PHP_AUTH_USER", $_SERVER))
        {
            // Get the credentials
            $credentials = new UsernamePasswordCredentials();
            $credentials->username = $_SERVER["PHP_AUTH_USER"];
            $credentials->password = $_SERVER["PHP_AUTH_PW"];

            // Get the identity from the credentials
            $identity = $this->identityProvider->getIdentity($credentials);

            if ($identity)
            {
                // Return the identity object
                return new Identity($identity["id"], $identity);
            }
            else
            {
                // Invalid credentials; throw an exception
                throw new AuthenticationRequiredException(
                    "Invalid username/password");
            }
        }
    }


    /***************************************************************************
     * PROTECTED PROPERTIES AND METHODS
     **************************************************************************/

    /**
     * @var \Cougar\RestService\iRestService Rest service
     */
    protected $restService = null;

    /**
     * @var iIdentityProvider Identity provider
     */
    protected $identityProvider = null;
}
?>