AutoBasicAuth.php
6 months ago
BasicAuth.php
6 months ago
Bearer.php
6 months ago
Chain.php
6 months ago
Matching.php
6 months ago
QueryParam.php
6 months ago
RequestConditional.php
6 months ago
Wsse.php
6 months ago
Wsse.php
59 lines
| 1 | <?php |
| 2 | |
| 3 | namespace AmeliaHttp\Message\Authentication; |
| 4 | |
| 5 | use AmeliaHttp\Message\Authentication; |
| 6 | use AmeliaVendor\Psr\Http\Message\RequestInterface; |
| 7 | |
| 8 | /** |
| 9 | * Authenticate a PSR-7 Request using WSSE. |
| 10 | * |
| 11 | * @author Márk Sági-Kazár <mark.sagikazar@gmail.com> |
| 12 | */ |
| 13 | final class Wsse implements Authentication |
| 14 | { |
| 15 | /** |
| 16 | * @var string |
| 17 | */ |
| 18 | private $username; |
| 19 | |
| 20 | /** |
| 21 | * @var string |
| 22 | */ |
| 23 | private $password; |
| 24 | |
| 25 | /** |
| 26 | * @param string $username |
| 27 | * @param string $password |
| 28 | */ |
| 29 | public function __construct($username, $password) |
| 30 | { |
| 31 | $this->username = $username; |
| 32 | $this->password = $password; |
| 33 | } |
| 34 | |
| 35 | /** |
| 36 | * {@inheritdoc} |
| 37 | */ |
| 38 | public function authenticate(RequestInterface $request) |
| 39 | { |
| 40 | // TODO: generate better nonce? |
| 41 | $nonce = substr(md5(uniqid(uniqid().'_', true)), 0, 16); |
| 42 | $created = date('c'); |
| 43 | $digest = base64_encode(sha1(base64_decode($nonce).$created.$this->password, true)); |
| 44 | |
| 45 | $wsse = sprintf( |
| 46 | 'UsernameToken Username="%s", PasswordDigest="%s", Nonce="%s", Created="%s"', |
| 47 | $this->username, |
| 48 | $digest, |
| 49 | $nonce, |
| 50 | $created |
| 51 | ); |
| 52 | |
| 53 | return $request |
| 54 | ->withHeader('Authorization', 'WSSE profile="UsernameToken"') |
| 55 | ->withHeader('X-WSSE', $wsse) |
| 56 | ; |
| 57 | } |
| 58 | } |
| 59 |