Merge branch 'feature-http-auth-improvements' of https://github.com/davidwindell/zf2 into feature/http-auth-resolover

weierophinney · weierophinney · commit 4009acaf87ff · 2012-07-03T12:54:38.000-05:00
diff --git a/src/Adapter/Http.php b/src/Adapter/Http.php
@@ -496,14 +496,19 @@ protected function _basicAuth($header)
             return $this->_challengeClient();
         }
 
-        $password = $this->_basicResolver->resolve($creds[0], $this->_realm);
-        if ($password && 
-            $this->_secureStringCompare($password, $creds[1])) {
+        $result = $this->_basicResolver->resolve($creds[0], $this->_realm, $creds[1]);
+        
+        if ($result
+            && !is_array($result)
+            && $this->_secureStringCompare($result, $creds[1])
+        ) {
             $identity = array('username'=>$creds[0], 'realm'=>$this->_realm);
             return new Authentication\Result(Authentication\Result::SUCCESS, $identity);
-        } else {
-            return $this->_challengeClient();
+        } elseif (is_array($result)) {
+            return new Authentication\Result(Authentication\Result::SUCCESS, $result);
         }
+
+        return $this->_challengeClient();
     }
 
     /**
diff --git a/src/Adapter/Http/FileResolver.php b/src/Adapter/Http/FileResolver.php
@@ -99,7 +99,7 @@ public function getFile()
      *         realm, false otherwise.
      * @throws Exception\ExceptionInterface
      */
-    public function resolve($username, $realm)
+    public function resolve($username, $realm, $password = null)
     {
         if (empty($username)) {
             throw new Exception\InvalidArgumentException('Username is required');
diff --git a/src/Adapter/Http/ResolverInterface.php b/src/Adapter/Http/ResolverInterface.php
@@ -40,8 +40,9 @@ interface ResolverInterface
      *
      * @param  string $username Username
      * @param  string $realm    Authentication Realm
-     * @return string|false User's shared secret, if the user is found in the
-     *         realm, false otherwise.
+     * @param  string $password Password (optional)
+     * @return string|array|false User's shared secret as string if found in realm, or User's identity as array
+     *         if resolved, false otherwise.
      */
-    public function resolve($username, $realm);
+    public function resolve($username, $realm, $password = null);
 }

Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,7 @@ public function getFile()`
`99`	`99`	`* realm, false otherwise.`
`100`	`100`	`* @throws Exception\ExceptionInterface`
`101`	`101`	`*/`
`102`		`- public function resolve($username, $realm)`
	`102`	`+ public function resolve($username, $realm, $password = null)`
`103`	`103`	`{`
`104`	`104`	`if (empty($username)) {`
`105`	`105`	`throw new Exception\InvalidArgumentException('Username is required');`
Original file line number	Diff line number	Diff line change
`@@ -40,8 +40,9 @@ interface ResolverInterface`
`40`	`40`	`*`
`41`	`41`	`* @param string $username Username`
`42`	`42`	`* @param string $realm Authentication Realm`
`43`		`- * @return string\|false User's shared secret, if the user is found in the`
`44`		`- * realm, false otherwise.`
	`43`	`+ * @param string $password Password (optional)`
	`44`	`+ * @return string\|array\|false User's shared secret as string if found in realm, or User's identity as array`
	`45`	`+ * if resolved, false otherwise.`
`45`	`46`	`*/`
`46`		`- public function resolve($username, $realm);`
	`47`	`+ public function resolve($username, $realm, $password = null);`
`47`	`48`	`}`