embr

[embrj/master.git] / basic_auth.php

<?php\r
/* from http://www.rooftopsolutions.nl/blog/223 */\r
\r
        $validUser = BASIC_AUTH_USER;\r
        $validPass = BASIC_AUTH_PW;\r
        \r
        $realm = 'input your speicial username and password here from your sitemaster';\r
        $nonce = uniqid(); \r
        $digest = getDigest();\r
        if (is_null($digest)) requireLogin($realm,$nonce); \r
        $digestParts = digestParse($digest);\r
        $A1 = md5("{$validUser}:{$realm}:{$validPass}");\r
        $A2 = md5("{$_SERVER['REQUEST_METHOD']}:{$digestParts['uri']}");\r
        $validResponse = md5("{$A1}:{$digestParts['nonce']}:{$digestParts['nc']}:{$digestParts['cnonce']}:{$digestParts['qop']}:{$A2}");\r
        \r
        if ($digestParts['response']!=$validResponse) requireLogin($realm,$nonce);\r
        function getDigest() {\r
    if (isset($_SERVER['PHP_AUTH_DIGEST'])) {\r
        $digest = $_SERVER['PHP_AUTH_DIGEST'];\r
    } elseif (isset($_SERVER['HTTP_AUTHENTICATION'])) {\r
            if (strpos(strtolower($_SERVER['HTTP_AUTHENTICATION']),'digest')===0) \r
              $digest = substr($_SERVER['HTTP_AUTHORIZATION'], 7);\r
    }\r
    return $digest;\r
        }\r
\r
function requireLogin($realm,$nonce) {\r
    header('WWW-Authenticate: Digest realm="' . $realm . '",qop="auth",nonce="' . $nonce . '",opaque="' . md5($realm) . '"');\r
    header('HTTP/1.0 401 Unauthorized');\r
    die();\r
}\r
\r
function digestParse($digest) {\r
    $needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1);\r
    $data = array();\r
    preg_match_all('@(\w+)=(?:(?:")([^"]+)"|([^\s,$]+))@', $digest, $matches, PREG_SET_ORDER);\r
    foreach ($matches as $m) {\r
        $data[$m[1]] = $m[2] ? $m[2] : $m[3];\r
        unset($needed_parts[$m[1]]);\r
    }\r
    return $needed_parts ? false : $data;\r
}\r
?>