diff --git a/rcc/api/auth/DigestAuth.php b/rcc/api/auth/DigestAuth.php deleted file mode 100644 index ed3ea1d..0000000 --- a/rcc/api/auth/DigestAuth.php +++ /dev/null @@ -1,52 +0,0 @@ - - * @license MIT License - * @link http://marcel-kapfer.de/rangitaki - */ -namespace mmk2410\rbe\digestAuth; - -/** - * PHP Version 7 - * - * Authentication Helper Class - * - * @category Authentication - * @package Rbe - * @author Marcel Kapfer (mmk2410) - * @license MIT License - * @link http://marcel-kapfer.de/rangitaki - */ -class DigestAuth -{ - - /** - * parser for http digest - * - * @param $txt data to parse - * - * @return parsed data or FALSE - */ - public function httpDigestParse($txt) - { - // protect against missing data - $needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1); - $data = array(); - $keys = implode('|', array_keys($needed_parts)); - - preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $txt, $matches, PREG_SET_ORDER); - - foreach ($matches as $m) { - $data[$m[1]] = $m[3] ? $m[3] : $m[4]; - unset($needed_parts[$m[1]]); - } - - return $needed_parts ? false : $data; - } -} diff --git a/rcc/api/auth/auth.php b/rcc/api/auth/auth.php index f02646e..ab22d6c 100644 --- a/rcc/api/auth/auth.php +++ b/rcc/api/auth/auth.php @@ -1,39 +1,22 @@ $password); - -if (empty($_SERVER['PHP_AUTH_DIGEST'])) { +if (!isset($_SERVER['PHP_AUTH_USER'])) { + header('WWW-Authenticate: Basic realm="RCC API"'); header('HTTP/1.1 401 Unauthorized'); - header('WWW-Authenticate: Digest realm="'.$realm. - '",qop="auth",nonce="'.uniqid().'",opaque="'.md5($realm).'"'); - - die('Access to RCC API not granted'); -} - - -// analyze the PHP_AUTH_DIGEST variable -if (!($data = DigestAuth::httpDigestParse($_SERVER['PHP_AUTH_DIGEST'])) || - !isset($users[$data['username']])) { - die('Wrong Credentials!'); -} - - -// generate the valid response -$A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]); -$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']); -$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2); - -if ($data['response'] != $valid_response) { - die('Wrong Credentials!'); + echo "Access denied to the RCC API!"; + exit; +} elseif ($_SERVER['PHP_AUTH_USER'] != $username || + !password_verify($_SERVER['PHP_AUTH_PW'], $password)) { + header('HTTP/1.1 401 Unauthorized'); + echo "Wrong credentials: Access denied!"; + exit; } diff --git a/rcc/api/list/index.php b/rcc/api/list/index.php index 287f073..f448a9e 100644 --- a/rcc/api/list/index.php +++ b/rcc/api/list/index.php @@ -9,13 +9,13 @@ use \Psr\Http\Message\ResponseInterface as Response; require '../../../vendor/autoload.php'; require '../../../res/php/Config.php'; -include '../auth/auth.php'; - use \mmk2410\rbe\config\Config as Config; $config = new Config("../../../config.yaml", '../../../vendor/autoload.php'); $settings = $config->getConfig(); +include '../auth/auth.php'; + if ($settings["rcc"]["api"] == "on" && $settings["rcc"]["rcc"] == "on") { $app = new \Slim\App(); diff --git a/rcc/api/media/index.php b/rcc/api/media/index.php index fd6804c..c9efcbd 100644 --- a/rcc/api/media/index.php +++ b/rcc/api/media/index.php @@ -10,13 +10,13 @@ require '../../../vendor/autoload.php'; require '../../../res/php/Config.php'; require '../../../res/php/ArticleGenerator.php'; -include '../auth/auth.php'; - use \mmk2410\rbe\config\Config as Config; $config = new Config("../../../config.yaml", '../../../vendor/autoload.php'); $settings = $config->getConfig(); +include '../auth/auth.php'; + if ($settings["rcc"]["api"] == "on" && $settings["rcc"]["rcc"] == "on") { $app = new \Slim\App(); diff --git a/rcc/api/post/index.php b/rcc/api/post/index.php index cc04e70..4636083 100644 --- a/rcc/api/post/index.php +++ b/rcc/api/post/index.php @@ -10,13 +10,13 @@ require '../../../vendor/autoload.php'; require '../../../res/php/Config.php'; require '../../../res/php/ArticleGenerator.php'; -include '../auth/auth.php'; - use \mmk2410\rbe\config\Config as Config; $config = new Config("../../../config.yaml", '../../../vendor/autoload.php'); $settings = $config->getConfig(); +include '../auth/auth.php'; + if ($settings["rcc"]["api"] == "on" && $settings["rcc"]["rcc"] == "on") { $app = new \Slim\App();