File Authentication/Wsse.php

 1 <?php
 2 
 3 namespace Http\Message\Authentication;
 4 
 5 use Http\Message\Authentication;
 6 use Psr\Http\Message\RequestInterface;
 7 
 8 /**
 9  * Authenticate a PSR-7 Request using WSSE.
10  *
11  * @author Márk Sági-Kazár <mark.sagikazar@gmail.com>
12  */
13 final class Wsse implements Authentication
14 {
15     /**
16      * @var string
17      */
18     private $username;
19 
20     /**
21      * @var string
22      */
23     private $password;
24 
25     /**
26      * @param string $username
27      * @param string $password
28      */
29     public function __construct($username, $password)
30     {
31         $this->username = $username;
32         $this->password = $password;
33     }
34 
35     /**
36      * {@inheritdoc}
37      */
38     public function authenticate(RequestInterface $request)
39     {
40         // TODO: generate better nonce?
41         $nonce = substr(md5(uniqid(uniqid().'_', true)), 0, 16);
42         $created = date('c');
43         $digest = base64_encode(sha1(base64_decode($nonce).$created.$this->password, true));
44 
45         $wsse = sprintf(
46             'UsernameToken Username="%s", PasswordDigest="%s", Nonce="%s", Created="%s"',
47             $this->username,
48             $digest,
49             $nonce,
50             $created
51         );
52 
53         return $request
54             ->withHeader('Authorization', 'WSSE profile="UsernameToken"')
55             ->withHeader('X-WSSE', $wsse)
56         ;
57     }
58 }
59
Namespaces

Classes

Interfaces

Traits
