adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-18 18:46:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add test covering basic auth reading from headers.

Browse source 
In some FastCGI setups basic auth values will only be present in the
header. Fallback to reading that value if the PHP_AUTH super globals are
empty.

Refs #9365
This commit is contained in:
mark_story 2017-04-28 21:48:31 -04:00
parent 09a981ba38
commit 275385d676
2 changed files with 24 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/Cake/Controller/Component/Auth/BasicAuthenticate.php
View file

@ -84,9 +84,9 @@ class BasicAuthenticate extends BaseAuthenticate {
public function getUser(CakeRequest $request) {
$username = env('PHP_AUTH_USER');
$pass = env('PHP_AUTH_PW');
if (empty($username)) {
if (!strlen($username)) {
$httpAuthorization = $request->header('Authorization');
if ($httpAuthorization !== false && strlen($httpAuthorization) > 0 && strpos($httpAuthorization, 'Basic') !== false) {
if (strlen($httpAuthorization) > 0 && strpos($httpAuthorization, 'Basic') !== false) {
list($username, $pass) = explode(':', base64_decode(substr($httpAuthorization, 6)));
}
}

24
lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php
View file

@ -15,8 +15,6 @@
* @since CakePHP(tm) v 2.0
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
App::uses('AuthComponent', 'Controller/Component');
App::uses('BasicAuthenticate', 'Controller/Component/Auth');
App::uses('AppModel', 'Model');
App::uses('CakeRequest', 'Network');
@ -197,6 +195,28 @@ class BasicAuthenticateTest extends CakeTestCase {
$this->assertEquals($expected, $result);
}
/**
* test authenticate success with header values
*
* @return void
*/
public function testAuthenticateSuccessFromHeaders() {
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic ' . base64_encode('mariano:password');
unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
$request = new CakeRequest('posts/index', false);
$request->addParams(array('pass' => array(), 'named' => array()));
$result = $this->auth->authenticate($request, $this->response);
$expected = array(
'id' => 1,
'user' => 'mariano',
'created' => '2007-03-17 01:16:23',
'updated' => '2007-03-17 01:18:31'
);
$this->assertEquals($expected, $result);
}
/**
* test contain success
*