AutoBasicAuth.php
6 months ago
BasicAuth.php
6 months ago
Bearer.php
6 months ago
Chain.php
6 months ago
Matching.php
6 months ago
QueryParam.php
6 months ago
RequestConditional.php
6 months ago
Wsse.php
6 months ago
QueryParam.php
51 lines
| 1 | <?php |
| 2 | |
| 3 | namespace AmeliaHttp\Message\Authentication; |
| 4 | |
| 5 | use AmeliaHttp\Message\Authentication; |
| 6 | use AmeliaVendor\Psr\Http\Message\RequestInterface; |
| 7 | |
| 8 | /** |
| 9 | * Authenticate a PSR-7 Request by adding parameters to its query. |
| 10 | * |
| 11 | * Note: Although in some cases it can be useful, we do not recommend using query parameters for authentication. |
| 12 | * Credentials in the URL is generally unsafe as they are not encrypted, anyone can see them. |
| 13 | * |
| 14 | * @author Márk Sági-Kazár <mark.sagikazar@gmail.com> |
| 15 | */ |
| 16 | final class QueryParam implements Authentication |
| 17 | { |
| 18 | /** |
| 19 | * @var array |
| 20 | */ |
| 21 | private $params = []; |
| 22 | |
| 23 | /** |
| 24 | * @param array $params |
| 25 | */ |
| 26 | public function __construct(array $params) |
| 27 | { |
| 28 | $this->params = $params; |
| 29 | } |
| 30 | |
| 31 | /** |
| 32 | * {@inheritdoc} |
| 33 | */ |
| 34 | public function authenticate(RequestInterface $request) |
| 35 | { |
| 36 | $uri = $request->getUri(); |
| 37 | $query = $uri->getQuery(); |
| 38 | $params = []; |
| 39 | |
| 40 | parse_str($query, $params); |
| 41 | |
| 42 | $params = array_merge($params, $this->params); |
| 43 | |
| 44 | $query = http_build_query($params, "", '&'); |
| 45 | |
| 46 | $uri = $uri->withQuery($query); |
| 47 | |
| 48 | return $request->withUri($uri); |
| 49 | } |
| 50 | } |
| 51 |