Test case for Nginx+PHP for passing along credentials

test-php-basic-auth.php

<?php
define('WPIZED_AUTH_USER', 'jsmith');
define('WPIZED_AUTH_PASS', 'password');

header( 'Cache-Control: no-cache, must-revalidate, max-age=0' );

$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));

$is_not_authenticated = (
	!$has_supplied_credentials ||
	$_SERVER['PHP_AUTH_USER'] != WPIZED_AUTH_USER ||
	$_SERVER['PHP_AUTH_PW']   != WPIZED_AUTH_PASS
);

if( $is_not_authenticated ){
	header( 'HTTP/1.1 401 Authorization Required' );
	header( sprintf('WWW-Authenticate: Basic realm="Test case, user: %s, pass: %s"', WPIZED_AUTH_USER, WPIZED_AUTH_PASS) );
	
	if (!$has_supplied_credentials) {
		print "<p style='color:red'><strong>FAIL</strong> (If you supplied credentials, they were not received.)</p>";
	}
	else {
		print "<p style='color:green'><strong>PASS</strong> (bad credentials, but something was received)</p>";
	}
}
else {
	print "<p style='color:green'><strong>PASS</strong> (credentials good)</p>";
}


print '<pre>';
print '$_SERVER[PHP_AUTH_USER] => ' . (!isset($_SERVER['PHP_AUTH_USER']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_USER'])));
print "\n";
print '$_SERVER[PHP_AUTH_PW] => ' . (!isset($_SERVER['PHP_AUTH_PW']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_PW'])));
print "\n";
print '$_SERVER[HTTP_AUTHORIZATION] => ' . (!isset($_SERVER['HTTP_AUTHORIZATION']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['HTTP_AUTHORIZATION'])));
print "\n";
print '</pre>';