4 * HTTP Digest authentication backend class
6 * This class can be used by authentication objects wishing to use HTTP Digest.
7 * Most of the digest logic is handled; implementors just need to worry about
8 * the getDigestHash method.
12 * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
13 * @author Evert Pot (http://www.rooftopsolutions.nl/)
14 * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
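abstract class Sabre_DAV_Auth_Backend_AbstractDigest implements Sabre_DAV_Auth_IBackend {

    /**
     * This variable holds the currently logged in username.
     *
     * It is only assigned by authenticate(), after the digest response has
     * been validated; before that it keeps its default value (null).
     *
     * @var string|null
     */
    protected $currentUser;

    /**
     * Returns a users digest hash based on the username and realm.
     *
     * If the user was not known, null must be returned.
     *
     * Notes for implementors:
     *  - $username is taken from the client's Authorization header before any
     *    validation has happened. Treat it as untrusted input (parameterized
     *    queries, no path or shell concatenation).
     *  - authenticate() passes the returned string to
     *    Sabre_HTTP_DigestAuth::validateA1(). Under RFC 2617 the A1 hash is
     *    enough to answer challenges for the realm, so it should be stored
     *    and protected like a password.
     *    NOTE(review): the exact hash format is not visible in this file;
     *    presumably md5(username:realm:password) - confirm against
     *    Sabre_HTTP_DigestAuth.
     *
     * @param string $realm
     * @param string $username
     * @return string|null
     */
    abstract public function getDigestHash($realm, $username);

    /**
     * Authenticates the user based on the current request.
     *
     * If authentication is successful, true must be returned.
     * If authentication fails, an exception must be thrown.
     *
     * An unknown username and a failed digest validation are reported with
     * the same message. The exception message may end up in the response
     * sent to the client, and distinct messages would let an unauthenticated
     * client find out which usernames exist.
     *
     * @param Sabre_DAV_Server $server
     * @param string $realm
     * @throws Sabre_DAV_Exception_NotAuthenticated when no credentials were
     *         sent, the user is unknown, or the digest response is invalid
     * @throws Sabre_DAV_Exception when getDigestHash returns a value that is
     *         neither a string nor null/false
     * @return bool
     */
    public function authenticate(Sabre_DAV_Server $server, $realm) {

        $digest = new Sabre_HTTP_DigestAuth();

        // Hooking up request and response objects
        $digest->setHTTPRequest($server->httpRequest);
        $digest->setHTTPResponse($server->httpResponse);

        $digest->setRealm($realm);

        // The Authorization header has to be parsed before any digest field
        // (such as the username) can be read.
        $digest->init();

        $username = $digest->getUsername();

        // No username was given. Anything that is not a non-empty string is
        // treated as "no credentials", so the check fails closed.
        if (!is_string($username) || $username === '') {
            $digest->requireLogin();
            throw new Sabre_DAV_Exception_NotAuthenticated('No digest authentication headers were found');
        }

        // One message for every credential failure, see the method docblock.
        $credentialFailure = 'Incorrect username or password';

        $hash = $this->getDigestHash($realm, $username);

        // If this was false or null, the user account didn't exist
        if ($hash === false || is_null($hash)) {
            // NOTE(review): this path skips validateA1(), so a timing
            // difference between unknown and known users may remain.
            $digest->requireLogin();
            throw new Sabre_DAV_Exception_NotAuthenticated($credentialFailure);
        }

        // Any other non-string value is a bug in the backend implementation,
        // not an authentication failure, so no new challenge is issued.
        if (!is_string($hash)) {
            throw new Sabre_DAV_Exception('The returned value from getDigestHash must be a string or null');
        }

        // If this was false, the password or part of the hash was incorrect.
        if (!$digest->validateA1($hash)) {
            $digest->requireLogin();
            throw new Sabre_DAV_Exception_NotAuthenticated($credentialFailure);
        }

        // Only record the user once the digest response has been validated.
        $this->currentUser = $username;
        return true;

    }

    /**
     * Returns the currently logged in username.
     *
     * The value is null until authenticate() has succeeded.
     *
     * @return string|null
     */
    public function getCurrentUser() {

        return $this->currentUser;

    }

}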