File indexing completed on 2024-06-23 05:55:02
0001 <?php 0002 /** 0003 * Zend Framework 0004 * 0005 * LICENSE 0006 * 0007 * This source file is subject to the new BSD license that is bundled 0008 * with this package in the file LICENSE.txt. 0009 * It is also available through the world-wide-web at this URL: 0010 * http://framework.zend.com/license/new-bsd 0011 * If you did not receive a copy of the license and are unable to 0012 * obtain it through the world-wide-web, please send an email 0013 * to license@zend.com so we can send you a copy immediately. 0014 * 0015 * @category Zend 0016 * @package Zend_Auth 0017 * @subpackage Zend_Auth_Adapter_Http 0018 * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) 0019 * @license http://framework.zend.com/license/new-bsd New BSD License 0020 * @version $Id$ 0021 */ 0022 0023 0024 /** 0025 * @see Zend_Auth_Adapter_Http_Resolver_Interface 0026 */ 0027 // require_once 'Zend/Auth/Adapter/Http/Resolver/Interface.php'; 0028 0029 0030 /** 0031 * HTTP Authentication File Resolver 0032 * 0033 * @category Zend 0034 * @package Zend_Auth 0035 * @subpackage Zend_Auth_Adapter_Http 0036 * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) 0037 * @license http://framework.zend.com/license/new-bsd New BSD License 0038 */ 0039 class Zend_Auth_Adapter_Http_Resolver_File implements Zend_Auth_Adapter_Http_Resolver_Interface 0040 { 0041 /** 0042 * Path to credentials file 0043 * 0044 * @var string 0045 */ 0046 protected $_file; 0047 0048 /** 0049 * Constructor 0050 * 0051 * @param string $path Complete filename where the credentials are stored 0052 */ 0053 public function __construct($path = '') 0054 { 0055 if (!empty($path)) { 0056 $this->setFile($path); 0057 } 0058 } 0059 0060 /** 0061 * Set the path to the credentials file 0062 * 0063 * @param string $path 0064 * @throws Zend_Auth_Adapter_Http_Resolver_Exception 0065 * @return Zend_Auth_Adapter_Http_Resolver_File Provides a fluent interface 0066 */ 0067 public function setFile($path) 0068 { 0069 if (empty($path) || !is_readable($path)) { 0070 /** 0071 * @see Zend_Auth_Adapter_Http_Resolver_Exception 0072 */ 0073 // require_once 'Zend/Auth/Adapter/Http/Resolver/Exception.php'; 0074 throw new Zend_Auth_Adapter_Http_Resolver_Exception('Path not readable: ' . $path); 0075 } 0076 $this->_file = $path; 0077 0078 return $this; 0079 } 0080 0081 /** 0082 * Returns the path to the credentials file 0083 * 0084 * @return string 0085 */ 0086 public function getFile() 0087 { 0088 return $this->_file; 0089 } 0090 0091 /** 0092 * Resolve credentials 0093 * 0094 * Only the first matching username/realm combination in the file is 0095 * returned. If the file contains credentials for Digest authentication, 0096 * the returned string is the password hash, or h(a1) from RFC 2617. The 0097 * returned string is the plain-text password for Basic authentication. 0098 * 0099 * The expected format of the file is: 0100 * username:realm:sharedSecret 0101 * 0102 * That is, each line consists of the user's username, the applicable 0103 * authentication realm, and the password or hash, each delimited by 0104 * colons. 0105 * 0106 * @param string $username Username 0107 * @param string $realm Authentication Realm 0108 * @throws Zend_Auth_Adapter_Http_Resolver_Exception 0109 * @return string|false User's shared secret, if the user is found in the 0110 * realm, false otherwise. 0111 */ 0112 public function resolve($username, $realm) 0113 { 0114 if (empty($username)) { 0115 /** 0116 * @see Zend_Auth_Adapter_Http_Resolver_Exception 0117 */ 0118 // require_once 'Zend/Auth/Adapter/Http/Resolver/Exception.php'; 0119 throw new Zend_Auth_Adapter_Http_Resolver_Exception('Username is required'); 0120 } else if (!ctype_print($username) || strpos($username, ':') !== false) { 0121 /** 0122 * @see Zend_Auth_Adapter_Http_Resolver_Exception 0123 */ 0124 // require_once 'Zend/Auth/Adapter/Http/Resolver/Exception.php'; 0125 throw new Zend_Auth_Adapter_Http_Resolver_Exception('Username must consist only of printable characters, ' 0126 . 'excluding the colon'); 0127 } 0128 if (empty($realm)) { 0129 /** 0130 * @see Zend_Auth_Adapter_Http_Resolver_Exception 0131 */ 0132 // require_once 'Zend/Auth/Adapter/Http/Resolver/Exception.php'; 0133 throw new Zend_Auth_Adapter_Http_Resolver_Exception('Realm is required'); 0134 } else if (!ctype_print($realm) || strpos($realm, ':') !== false) { 0135 /** 0136 * @see Zend_Auth_Adapter_Http_Resolver_Exception 0137 */ 0138 // require_once 'Zend/Auth/Adapter/Http/Resolver/Exception.php'; 0139 throw new Zend_Auth_Adapter_Http_Resolver_Exception('Realm must consist only of printable characters, ' 0140 . 'excluding the colon.'); 0141 } 0142 0143 // Open file, read through looking for matching credentials 0144 $fp = @fopen($this->_file, 'r'); 0145 if (!$fp) { 0146 /** 0147 * @see Zend_Auth_Adapter_Http_Resolver_Exception 0148 */ 0149 // require_once 'Zend/Auth/Adapter/Http/Resolver/Exception.php'; 0150 throw new Zend_Auth_Adapter_Http_Resolver_Exception('Unable to open password file: ' . $this->_file); 0151 } 0152 0153 // No real validation is done on the contents of the password file. The 0154 // assumption is that we trust the administrators to keep it secure. 0155 while (($line = fgetcsv($fp, 512, ':')) !== false) { 0156 if ($line[0] == $username && $line[1] == $realm) { 0157 $password = $line[2]; 0158 fclose($fp); 0159 return $password; 0160 } 0161 } 0162 0163 fclose($fp); 0164 return false; 0165 } 0166 }