AWS
extends AbstractAuth
in package
HTTP AWS Authentication handler.
Use this class to leverage amazon's AWS authentication header
Tags
Table of Contents
- ERR_INVALIDDATEFORMAT = 3
- ERR_INVALIDSIGNATURE = 5
- ERR_MD5CHECKSUMWRONG = 2
- ERR_NOAWSHEADER = 1
- ERR_REQUESTTIMESKEWED = 4
- $errorCode : int
- An error code, if any.
- $realm : string
- Authentication realm.
- $request : RequestInterface
- Request object.
- $response : ResponseInterface
- Response object.
- $accessKey : string
- The accesskey supplied by the HTTP client.
- $signature : string
- The signature supplied by the HTTP client.
- __construct() : mixed
- Creates the object.
- getAccessKey() : string
- Returns the username for the request.
- getRealm() : string
- Returns the HTTP realm.
- init() : bool
- Gathers all information from the headers.
- requireLogin() : mixed
- Returns an HTTP 401 header, forcing login.
- validate() : bool
- Validates the signature based on the secretKey.
- getAmzHeaders() : string
- Returns a list of AMZ headers.
- validateRFC2616Date() : bool
- Makes sure the supplied value is a valid RFC2616 date.
- hmacsha1() : string
- Generates an HMAC-SHA1 signature.
Constants
ERR_INVALIDDATEFORMAT
public
mixed
ERR_INVALIDDATEFORMAT
= 3
ERR_INVALIDSIGNATURE
public
mixed
ERR_INVALIDSIGNATURE
= 5
ERR_MD5CHECKSUMWRONG
public
mixed
ERR_MD5CHECKSUMWRONG
= 2
ERR_NOAWSHEADER
public
mixed
ERR_NOAWSHEADER
= 1
ERR_REQUESTTIMESKEWED
public
mixed
ERR_REQUESTTIMESKEWED
= 4
Properties
$errorCode
An error code, if any.
public
int
$errorCode
= 0
This value will be filled with one of the ERR_* constants
$realm
Authentication realm.
protected
string
$realm
$request
Request object.
protected
RequestInterface
$request
$response
Response object.
protected
ResponseInterface
$response
$accessKey
The accesskey supplied by the HTTP client.
private
string
$accessKey
= null
$signature
The signature supplied by the HTTP client.
private
string
$signature
= null
Methods
__construct()
Creates the object.
public
__construct([string $realm = 'SabreTooth' ], RequestInterface $request, ResponseInterface $response) : mixed
Parameters
- $realm : string = 'SabreTooth'
- $request : RequestInterface
- $response : ResponseInterface
Return values
mixed —getAccessKey()
Returns the username for the request.
public
getAccessKey() : string
Return values
string —getRealm()
Returns the HTTP realm.
public
getRealm() : string
Return values
string —init()
Gathers all information from the headers.
public
init() : bool
This method needs to be called prior to anything else.
Return values
bool —requireLogin()
Returns an HTTP 401 header, forcing login.
public
requireLogin() : mixed
This should be called when username and password are incorrect, or not supplied at all
Return values
mixed —validate()
Validates the signature based on the secretKey.
public
validate(string $secretKey) : bool
Parameters
- $secretKey : string
Return values
bool —getAmzHeaders()
Returns a list of AMZ headers.
protected
getAmzHeaders() : string
Return values
string —validateRFC2616Date()
Makes sure the supplied value is a valid RFC2616 date.
protected
validateRFC2616Date(string $dateHeader) : bool
If we would just use strtotime to get a valid timestamp, we have no way of checking if a user just supplied the word 'now' for the date header.
This function also makes sure the Date header is within 15 minutes of the operating system date, to prevent replay attacks.
Parameters
- $dateHeader : string
Return values
bool —hmacsha1()
Generates an HMAC-SHA1 signature.
private
hmacsha1(string $key, string $message) : string
Parameters
- $key : string
- $message : string