/test-php-basic-auth.php
Created Jul 17, 2012
Test case for Nginx+PHP for passing along credentials
| <?php | |
| define('WPIZED_AUTH_USER', 'jsmith'); | |
| define('WPIZED_AUTH_PASS', 'password'); | |
| header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); | |
| $has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW'])); | |
| $is_not_authenticated = ( | |
| !$has_supplied_credentials || | |
| $_SERVER['PHP_AUTH_USER'] != WPIZED_AUTH_USER || | |
| $_SERVER['PHP_AUTH_PW'] != WPIZED_AUTH_PASS | |
| ); | |
| if( $is_not_authenticated ){ | |
| header( 'HTTP/1.1 401 Authorization Required' ); | |
| header( sprintf('WWW-Authenticate: Basic realm="Test case, user: %s, pass: %s"', WPIZED_AUTH_USER, WPIZED_AUTH_PASS) ); | |
| if (!$has_supplied_credentials) { | |
| print "<p style='color:red'><strong>FAIL</strong> (If you supplied credentials, they were not received.)</p>"; | |
| } | |
| else { | |
| print "<p style='color:green'><strong>PASS</strong> (bad credentials, but something was received)</p>"; | |
| } | |
| } | |
| else { | |
| print "<p style='color:green'><strong>PASS</strong> (credentials good)</p>"; | |
| } | |
| print '<pre>'; | |
| print '$_SERVER[PHP_AUTH_USER] => ' . (!isset($_SERVER['PHP_AUTH_USER']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_USER']))); | |
| print "\n"; | |
| print '$_SERVER[PHP_AUTH_PW] => ' . (!isset($_SERVER['PHP_AUTH_PW']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_PW']))); | |
| print "\n"; | |
| print '$_SERVER[HTTP_AUTHORIZATION] => ' . (!isset($_SERVER['HTTP_AUTHORIZATION']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['HTTP_AUTHORIZATION']))); | |
| print "\n"; | |
| print '</pre>'; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment