Merge pull request zendframework/zendframework#2087 from davidwindell…

…/patch-7 [Auth] Allow basic resolver to return AuthResult
zendframework · Aug 3, 2012 · a185b42 · a185b42
commit a185b42
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 1 deletion.
diff --git a/src/Adapter/Http.php b/src/Adapter/Http.php
@@ -487,7 +487,11 @@ protected function _basicAuth($header)
 
         $result = $this->basicResolver->resolve($creds[0], $this->realm, $creds[1]);
 
-        if ($result
+        if ($result instanceof Authentication\Result && $result->isValid()) {
+            return $result;
+        }
+
+        if (!$result instanceof Authentication\Result
             && !is_array($result)
             && $this->_secureStringCompare($result, $creds[1])
         ) {

diff --git a/test/Adapter/Http/AuthTest.php b/test/Adapter/Http/AuthTest.php
@@ -480,4 +480,28 @@ protected function _checkBadRequest($data)
         // Make sure it set the right HTTP code
         $this->assertEquals(400, $status);
     }
+
+    public function testBasicAuthValidCredsWithCustomIdentityObjectResolverReturnsAuthResult()
+    {
+        $this->_basicResolver  = new TestAsset\BasicAuthObjectResolver();
+
+        $result = $this->_doAuth('Basic ' . base64_encode('Bryce:ThisIsNotMyPassword'), 'basic');
+        $result = $result['result'];
+
+        $this->assertInstanceOf('Zend\\Authentication\\Result', $result);
+        $this->assertTrue($result->isValid());
+    }
+
+    public function testBasicAuthInvalidCredsWithCustomIdentityObjectResolverReturnsUnauthorizedResponse()
+    {
+        $this->_basicResolver  = new TestAsset\BasicAuthObjectResolver();
+        $data = $this->_doAuth('Basic ' . base64_encode('David:ThisIsNotMyPassword'), 'basic');
+
+        $expected = array(
+            'type'   => 'Basic ',
+            'realm'  => 'realm="' . $this->_bothConfig['realm'] . '"',
+        );
+
+        $this->_checkUnauthorized($data, $expected);
+    }
 }
diff --git a/test/Adapter/Http/TestAsset/BasicAuthObjectResolver.php b/test/Adapter/Http/TestAsset/BasicAuthObjectResolver.php
@@ -0,0 +1,36 @@
+<?php
+/**
+ * Zend Framework (http://framework.zend.com/)
+ *
+ * @link      http://github.com/zendframework/zf2 for the canonical source repository
+ * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license   http://framework.zend.com/license/new-bsd New BSD License
+ * @package   Zend_Authentication
+ */
+
+namespace ZendTest\Authentication\Adapter\Http\TestAsset;
+
+use Zend\Authentication\Result as AuthenticationResult;
+use Zend\Authentication\Adapter\Http\ResolverInterface;
+
+class BasicAuthObjectResolver implements ResolverInterface
+{
+    public function resolve($username, $realm, $password = null)
+    {
+        if ($username == 'Bryce' && $password == 'ThisIsNotMyPassword') {
+            $identity = new \stdClass();
+
+            return new AuthenticationResult(
+                AuthenticationResult::SUCCESS,
+                $identity,
+                array('Authentication successful.')
+            );
+        }
+
+        return new AuthenticationResult(
+            AuthenticationResult::FAILURE,
+            null,
+            array('Authentication failed.')
+        );
+    }
+}