You are here

Home » API reference » Secure Site 8 » SecuresiteManager.php » SecuresiteManager

public function SecuresiteManager::getMechanism in Secure Site 8

Return the appropriate method of authentication for the request

Return value

int type of the authentication mechanism

Overrides SecuresiteManagerInterface::getMechanism

1 call to SecuresiteManager::getMechanism()
SecuresiteManager::digestAuth in src/SecuresiteManager.php
Perform digest authentication.

File

src/SecuresiteManager.php, line 67
Contains \Drupal\securesite\SecuresiteManager.

Class

SecuresiteManager

Namespace

Drupal\securesite

Code

public function getMechanism() {
  static $mechanism;
  $request = $this->request;
  if (!isset($mechanism)) {

    // PHP in CGI mode work-arounds. Sometimes "REDIRECT_" prefixes $_SERVER
    // variables. See http://www.php.net/reserved.variables.
    if (empty($request->headers
      ->get('HTTP_AUTHORIZATION')) && !empty($request->headers
      ->get('REDIRECT_HTTP_AUTHORIZATION'))) {
      $request->headers
        ->set('HTTP_AUTHORIZATION', $request->headers
        ->get('REDIRECT_HTTP_AUTHORIZATION'));
    }
    if (!empty($request->headers
      ->get('HTTP_AUTHORIZATION'))) {
      list($type, $authorization) = explode(' ', $request->headers
        ->get('HTTP_AUTHORIZATION'), 2);
      switch (drupal_strtolower($type)) {
        case 'digest':
          $request->headers
            ->set('PHP_AUTH_DIGEST', $authorization);
          break;
        case 'basic':
          $credentials = explode(':', base64_decode($authorization), 2);
          $request->headers
            ->set('PHP_AUTH_USER', $credentials[0]);
          $request->headers
            ->set('PHP_AUTH_PW', $credentials[1]);
          break;
      }
    }
    $mechanism = FALSE;
    $types = $this->configFactory
      ->get('securesite.settings')
      ->get('securesite_type');
    rsort($types, SORT_NUMERIC);
    foreach ($types as $type) {
      switch ($type) {
        case SECURESITE_DIGEST:
          if ($_SERVER['PHP_AUTH_DIGEST'] != null) {
            $mechanism = SECURESITE_DIGEST;
            break 2;
          }
          break;
        case SECURESITE_BASIC:
          if ($request->headers
            ->get('PHP_AUTH_USER') != null || $request->headers
            ->get('PHP_AUTH_PW') != null) {
            $mechanism = SECURESITE_BASIC;
            break 2;
          }
          break;
        case SECURESITE_FORM:
          if ($request->request
            ->get('form_id') != null && $request->request
            ->get('form_id') == 'securesite_login_form') {
            $mechanism = SECURESITE_FORM;
            break 2;
          }
          break;
      }
    }
  }
  return $mechanism;
}