gadiener · June 3, 2016 15:25
diff --git a/DigestAuth.php b/DigestAuth.php
 <?php
 /**
 * Digest HTTP Authentication class
 *
 * PHP version 5.5
 *
 * @author Gabriele Diener <[email protected]>
 */

 class DigestAuth {

 	protected static 	$realm 			= "Restricted area",
 						$data			= false,
 						$needed_parts 	= [
 							'nonce' 	=> true,
 							'nc' 		=> true,
 							'cnonce' 	=> true,
 							'qop' 		=> true,
 							'username' 	=> true,
 							'uri' 		=> true,
 							'response' 	=> true
 						];

 	public static function authenticate( $callback = false ) {
 		/**
 		 * analyze the PHP_AUTH_DIGEST variable
 		 */
 		if (
 			Request::server( 'PHP_AUTH_DIGEST', false ) ||
 			!( static::$data = static::parse( Request::server( 'PHP_AUTH_DIGEST', false ) ) ) ||
 			!Options::get( "auth.clients." . static::$data['username'], false ) ||
 			static::$data['response'] !== static::validResponse()
 		) {
 			return is_callable($callback) ? call_user_func($callback) : false;
 		}

 		return true;
 	}

 	public static function failHeader() {
 		return [ "WWW-Authenticate", 'Digest realm="' . static::$realm . '",qop="auth",nonce="' . uniqid() . '",opaque="' . Hash::make(static::$realm) . '"' ];
 	}

 	protected static function parse($txt) {
 		$needed = static::$needed_parts;
 		preg_match_all( '@(' . implode( '|', array_keys($needed) ) . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $txt, $matches, PREG_SET_ORDER );

 		foreach ( $matches as $m ) {
 			$data[$m[1]] = $m[3] ? $m[3] : $m[4];
 			unset($needed[$m[1]]);
 		}

 		return $needed ? false : $data;
 	}

 	/**
 	 * generate the valid response
 	 */
 	protected static function validResponse() {
 		if (!static::$data) return false;
 		$hash = [
 			Hash::make( static::$data['username'] . ":{$realm}:" . Options::get( "auth.clients." . static::$data['username'], false ) ),
 			Hash::make( Request::server('REQUEST_METHOD') . ":" . static::$data['uri'] )
 		];
 		return Hash::make("{$hash[0]}:" . static::$data['nonce'] . ":" . static::$data['nc'] . 	":" . static::$data['cnonce'] . ":" . static::$data['qop'] . ":{$hash[2]}");
 	}
 }
	<?php
	/**
	* Digest HTTP Authentication class
	*
	* PHP version 5.5
	*
	* @author Gabriele Diener <[email protected]>
	*/

	class DigestAuth {

	protected static $realm = "Restricted area",
	$data = false,
	$needed_parts = [
	'nonce' => true,
	'nc' => true,
	'cnonce' => true,
	'qop' => true,
	'username' => true,
	'uri' => true,
	'response' => true
	];

	public static function authenticate( $callback = false ) {
	/**
	* analyze the PHP_AUTH_DIGEST variable
	*/
	if (
	Request::server( 'PHP_AUTH_DIGEST', false ) \|\|
	!( static::$data = static::parse( Request::server( 'PHP_AUTH_DIGEST', false ) ) ) \|\|
	!Options::get( "auth.clients." . static::$data['username'], false ) \|\|
	static::$data['response'] !== static::validResponse()
	) {
	return is_callable($callback) ? call_user_func($callback) : false;
	}

	return true;
	}

	public static function failHeader() {
	return [ "WWW-Authenticate", 'Digest realm="' . static::$realm . '",qop="auth",nonce="' . uniqid() . '",opaque="' . Hash::make(static::$realm) . '"' ];
	}

	protected static function parse($txt) {
	$needed = static::$needed_parts;
	preg_match_all( '@(' . implode( '\|', array_keys($needed) ) . ')=(?:([\'"])([^\2]+?)\2\|([^\s,]+))@', $txt, $matches, PREG_SET_ORDER );

	foreach ( $matches as $m ) {
	$data[$m[1]] = $m[3] ? $m[3] : $m[4];
	unset($needed[$m[1]]);
	}

	return $needed ? false : $data;
	}

	/**
	* generate the valid response
	*/
	protected static function validResponse() {
	if (!static::$data) return false;
	$hash = [
	Hash::make( static::$data['username'] . ":{$realm}:" . Options::get( "auth.clients." . static::$data['username'], false ) ),
	Hash::make( Request::server('REQUEST_METHOD') . ":" . static::$data['uri'] )
	];
	return Hash::make("{$hash[0]}:" . static::$data['nonce'] . ":" . static::$data['nc'] . ":" . static::$data['cnonce'] . ":" . static::$data['qop'] . ":{$hash[2]}");
	}
	}