Chris@0: Chris@0: * Chris@0: * For the full copyright and license information, please view the LICENSE Chris@0: * file that was distributed with this source code. Chris@0: */ Chris@0: Chris@0: namespace Symfony\Component\HttpFoundation; Chris@0: Chris@0: /** Chris@0: * ServerBag is a container for HTTP headers from the $_SERVER variable. Chris@0: * Chris@0: * @author Fabien Potencier Chris@0: * @author Bulat Shakirzyanov Chris@0: * @author Robert Kiss Chris@0: */ Chris@0: class ServerBag extends ParameterBag Chris@0: { Chris@0: /** Chris@0: * Gets the HTTP headers. Chris@0: * Chris@0: * @return array Chris@0: */ Chris@0: public function getHeaders() Chris@0: { Chris@17: $headers = []; Chris@17: $contentHeaders = ['CONTENT_LENGTH' => true, 'CONTENT_MD5' => true, 'CONTENT_TYPE' => true]; Chris@0: foreach ($this->parameters as $key => $value) { Chris@0: if (0 === strpos($key, 'HTTP_')) { Chris@0: $headers[substr($key, 5)] = $value; Chris@0: } Chris@0: // CONTENT_* are not prefixed with HTTP_ Chris@0: elseif (isset($contentHeaders[$key])) { Chris@0: $headers[$key] = $value; Chris@0: } Chris@0: } Chris@0: Chris@0: if (isset($this->parameters['PHP_AUTH_USER'])) { Chris@0: $headers['PHP_AUTH_USER'] = $this->parameters['PHP_AUTH_USER']; Chris@0: $headers['PHP_AUTH_PW'] = isset($this->parameters['PHP_AUTH_PW']) ? $this->parameters['PHP_AUTH_PW'] : ''; Chris@0: } else { Chris@0: /* Chris@0: * php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default Chris@0: * For this workaround to work, add these lines to your .htaccess file: Chris@0: * RewriteCond %{HTTP:Authorization} ^(.+)$ Chris@0: * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] Chris@0: * Chris@0: * A sample .htaccess file: Chris@0: * RewriteEngine On Chris@0: * RewriteCond %{HTTP:Authorization} ^(.+)$ Chris@0: * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] Chris@0: * RewriteCond %{REQUEST_FILENAME} !-f Chris@0: * RewriteRule ^(.*)$ app.php [QSA,L] Chris@0: */ Chris@0: Chris@0: $authorizationHeader = null; Chris@0: if (isset($this->parameters['HTTP_AUTHORIZATION'])) { Chris@0: $authorizationHeader = $this->parameters['HTTP_AUTHORIZATION']; Chris@0: } elseif (isset($this->parameters['REDIRECT_HTTP_AUTHORIZATION'])) { Chris@0: $authorizationHeader = $this->parameters['REDIRECT_HTTP_AUTHORIZATION']; Chris@0: } Chris@0: Chris@0: if (null !== $authorizationHeader) { Chris@0: if (0 === stripos($authorizationHeader, 'basic ')) { Chris@0: // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic Chris@0: $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)), 2); Chris@17: if (2 == \count($exploded)) { Chris@0: list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded; Chris@0: } Chris@0: } elseif (empty($this->parameters['PHP_AUTH_DIGEST']) && (0 === stripos($authorizationHeader, 'digest '))) { Chris@0: // In some circumstances PHP_AUTH_DIGEST needs to be set Chris@0: $headers['PHP_AUTH_DIGEST'] = $authorizationHeader; Chris@0: $this->parameters['PHP_AUTH_DIGEST'] = $authorizationHeader; Chris@0: } elseif (0 === stripos($authorizationHeader, 'bearer ')) { Chris@0: /* Chris@0: * XXX: Since there is no PHP_AUTH_BEARER in PHP predefined variables, Chris@0: * I'll just set $headers['AUTHORIZATION'] here. Chris@0: * http://php.net/manual/en/reserved.variables.server.php Chris@0: */ Chris@0: $headers['AUTHORIZATION'] = $authorizationHeader; Chris@0: } Chris@0: } Chris@0: } Chris@0: Chris@0: if (isset($headers['AUTHORIZATION'])) { Chris@0: return $headers; Chris@0: } Chris@0: Chris@0: // PHP_AUTH_USER/PHP_AUTH_PW Chris@0: if (isset($headers['PHP_AUTH_USER'])) { Chris@0: $headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']); Chris@0: } elseif (isset($headers['PHP_AUTH_DIGEST'])) { Chris@0: $headers['AUTHORIZATION'] = $headers['PHP_AUTH_DIGEST']; Chris@0: } Chris@0: Chris@0: return $headers; Chris@0: } Chris@0: }