. */ namespace SP\Providers\Auth\Browser; use SP\Domain\Auth\Dtos\UserLoginDto; use SP\Domain\Config\Ports\ConfigDataInterface; use SP\Domain\Http\RequestInterface; use SP\Providers\Auth\AuthService; /** * Class Browser * * Autentificación basada en credenciales del navegador * * @implements AuthService */ final class BrowserAuth implements BrowserAuthService { private ConfigDataInterface $configData; private RequestInterface $request; public function __construct(ConfigDataInterface $configData, RequestInterface $request) { $this->configData = $configData; $this->request = $request; } /** * Authenticate using user's data * * @param UserLoginDto $userLoginDto * @return BrowserAuthData */ public function authenticate(UserLoginDto $userLoginDto): BrowserAuthData { $browserAuthData = new BrowserAuthData($this->isAuthGranted()); if (!empty($userLoginDto->getLoginUser()) && !empty($userLoginDto->getLoginPass()) && $this->checkServerAuthUser($userLoginDto->getLoginUser()) ) { return $browserAuthData->success(); } if ($this->configData->isAuthBasicAutoLoginEnabled()) { $authUser = $this->getServerAuthUser(); $authPass = $this->getAuthPass(); if ($authUser !== null && $authPass !== null) { $userLoginDto->setLoginUser($authUser); $userLoginDto->setLoginPass($authPass); $browserAuthData->setName($authUser); return $browserAuthData->success(); } return $browserAuthData->fail(); } return $this->checkServerAuthUser($userLoginDto->getLoginUser()) ? $browserAuthData->success() : $browserAuthData->fail(); } /** * Indica si es requerida para acceder a la aplicación * * @return bool */ public function isAuthGranted(): bool { return $this->configData->isAuthBasicAutoLoginEnabled(); } /** * Comprobar si el usuario es autentificado por el servidor web * * @param $login string El login del usuario a comprobar * * @return bool|null */ public function checkServerAuthUser(string $login): ?bool { $domain = $this->configData->getAuthBasicDomain() ?? ''; $authUser = $this->getServerAuthUser(); if (empty($authUser)) { return null; } if (preg_match('/\w+@\w+/', $authUser)) { return sprintf('%s@%s', $login, $domain) === $authUser; } return $authUser === $login; } /** * Devolver el nombre del usuario autentificado por el servidor web * * @return string|null */ public function getServerAuthUser(): ?string { $authUser = $this->request->getServer('PHP_AUTH_USER'); if (!empty($authUser)) { return $authUser; } $remoteUser = $this->request->getServer('REMOTE_USER'); if (!empty($remoteUser)) { return $remoteUser; } return null; } /** * Devolver la clave del usuario autentificado por el servidor web * * @return string|null */ protected function getAuthPass(): ?string { $authPass = $this->request->getServer('PHP_AUTH_PW'); return !empty($authPass) ? $authPass : null; } }