/usr/share/php/Horde/Auth/Http.php is in php-horde-auth 2.2.2-1ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 | <?php
/**
* Copyright 1999-2017 Horde LLC (http://www.horde.org/)
*
* See the enclosed file COPYING for license information (LGPL). If you did
* not receive this file, see http://www.horde.org/licenses/lgpl21.
*
* @author Chuck Hagenbuch <chuck@horde.org>
* @category Horde
* @license http://www.horde.org/licenses/lgpl21 LGPL-2.1
* @package Auth
*/
/**
* The Horde_Auth_Http class transparently logs users in to Horde using
* already present HTTP authentication headers.
*
* @author Chuck Hagenbuch <chuck@horde.org>
* @category Horde
* @copyright 1999-2017 Horde LLC
* @license http://www.horde.org/licenses/lgpl21 LGPL-2.1
* @package Auth
*/
class Horde_Auth_Http extends Horde_Auth_Base
{
/**
* An array of capabilities, so that the driver can report which
* operations it supports and which it doesn't.
*
* @var array
*/
protected $_capabilities = array(
'transparent' => true
);
/**
* Array of usernames and hashed passwords.
*
* @var array
*/
protected $_users = array();
/**
* Constructor.
*
* @param array $params Optional parameters:
* <pre>
* 'encryption' - (string) Kind of passwords in the .htpasswd file.
* Either 'crypt-des' (standard crypted htpasswd entries)
* [DEFAULT] or 'aprmd5'. This information is used if
* you want to directly authenticate users with this
* driver, instead of relying on transparent auth.
* 'htpasswd_file' - (string) TODO
* </pre>
*/
public function __construct(array $params = array())
{
$params = array_merge(array(
'encryption' => 'crypt-des'
), $params);
parent::__construct($params);
if (!empty($this->_params['htpasswd_file'])) {
$users = file($this->_params['htpasswd_file']);
if (is_array($users)) {
// Enable the list users capability.
$this->_capabilities['list'] = true;
foreach ($users as $line) {
list($user, $pass) = explode(':', $line, 2);
$this->_users[trim($user)] = trim($pass);
}
}
}
}
/**
* Find out if a set of login credentials are valid. Only supports
* htpasswd files with DES passwords right now.
*
* @param string $userId The userId to check.
* @param array $credentials An array of login credentials. For IMAP,
* this must contain a password entry.
*
* @throws Horde_Auth_Exception
*/
protected function _authenticate($userId, $credentials)
{
if (empty($credentials['password']) ||
empty($this->_users[$userId])) {
throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN);
}
$hash = Horde_Auth::getCryptedPassword($credentials['password'], $this->_users[$userId], $this->_params['encryption'], !empty($this->_params['show_encryption']));
if ($hash != $this->_users[$userId]) {
throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN);
}
}
/**
* Lists all users in the system.
*
* @param boolean $sort Sort the users?
*
* @return array The array of userIds.
*/
public function listUsers($sort = false)
{
// this driver sorts by default
$users = array_keys($this->_users);
return $this->_sort($users, $sort);
}
/**
* Automatic authentication: Find out if the client has HTTP
* authentication info present.
*
* @return boolean Whether or not the client is allowed.
*/
public function transparent()
{
if (empty($_SERVER['PHP_AUTH_USER']) ||
empty($_SERVER['PHP_AUTH_PW'])) {
return false;
}
$this->_credentials['userId'] = $_SERVER['PHP_AUTH_USER'];
$this->_credentials['credentials'] = array(
'password' => Horde_Util::dispelMagicQuotes($_SERVER['PHP_AUTH_PW'])
);
return true;
}
}
|