Skip to content

Instantly share code, notes, and snippets.

@son0203

son0203/test-php-basic-auth.php

Forked from rchrd2/test-php-basic-auth.php
Created February 8, 2020 01:22
Show Gist options
  • Save son0203/e8d2ff7f17fe9ff16b453c8172335dba to your computer and use it in GitHub Desktop.
Save son0203/e8d2ff7f17fe9ff16b453c8172335dba to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. @rchrd2 rchrd2 revised this gist Dec 11, 2016. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion test-php-basic-auth.php
    View file
    Original file line number Diff line number Diff line change
    @@ -11,7 +11,7 @@ function require_auth() {
    );
    if ($is_not_authenticated) {
    header('HTTP/1.1 401 Authorization Required');
    header(sprintf('WWW-Authenticate: Basic realm="Access denied"', $AUTH_USER, $AUTH_PASS));
    header('WWW-Authenticate: Basic realm="Access denied"');
    exit;
    }
    }
  2. @rchrd2 rchrd2 revised this gist Dec 11, 2016. 1 changed file with 15 additions and 36 deletions.
    51 changes: 15 additions & 36 deletions test-php-basic-auth.php
    View file
    Original file line number Diff line number Diff line change
    @@ -1,38 +1,17 @@
    <?php
    define('WPIZED_AUTH_USER', 'jsmith');
    define('WPIZED_AUTH_PASS', 'password');

    header( 'Cache-Control: no-cache, must-revalidate, max-age=0' );

    $has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));

    $is_not_authenticated = (
    !$has_supplied_credentials ||
    $_SERVER['PHP_AUTH_USER'] != WPIZED_AUTH_USER ||
    $_SERVER['PHP_AUTH_PW'] != WPIZED_AUTH_PASS
    );

    if( $is_not_authenticated ){
    header( 'HTTP/1.1 401 Authorization Required' );
    header( sprintf('WWW-Authenticate: Basic realm="Test case, user: %s, pass: %s"', WPIZED_AUTH_USER, WPIZED_AUTH_PASS) );

    if (!$has_supplied_credentials) {
    print "<p style='color:red'><strong>FAIL</strong> (If you supplied credentials, they were not received.)</p>";
    function require_auth() {
    $AUTH_USER = 'admin';
    $AUTH_PASS = 'admin';
    header('Cache-Control: no-cache, must-revalidate, max-age=0');
    $has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
    $is_not_authenticated = (
    !$has_supplied_credentials ||
    $_SERVER['PHP_AUTH_USER'] != $AUTH_USER ||
    $_SERVER['PHP_AUTH_PW'] != $AUTH_PASS
    );
    if ($is_not_authenticated) {
    header('HTTP/1.1 401 Authorization Required');
    header(sprintf('WWW-Authenticate: Basic realm="Access denied"', $AUTH_USER, $AUTH_PASS));
    exit;
    }
    else {
    print "<p style='color:green'><strong>PASS</strong> (bad credentials, but something was received)</p>";
    }
    }
    else {
    print "<p style='color:green'><strong>PASS</strong> (credentials good)</p>";
    }


    print '<pre>';
    print '$_SERVER[PHP_AUTH_USER] => ' . (!isset($_SERVER['PHP_AUTH_USER']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_USER'])));
    print "\n";
    print '$_SERVER[PHP_AUTH_PW] => ' . (!isset($_SERVER['PHP_AUTH_PW']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_PW'])));
    print "\n";
    print '$_SERVER[HTTP_AUTHORIZATION] => ' . (!isset($_SERVER['HTTP_AUTHORIZATION']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['HTTP_AUTHORIZATION'])));
    print "\n";
    print '</pre>';
    }
  3. @westonruter westonruter revised this gist Jul 17, 2012. 1 changed file with 5 additions and 1 deletion.
    6 changes: 5 additions & 1 deletion test-php-basic-auth.php
    View file
    Original file line number Diff line number Diff line change
    @@ -29,6 +29,10 @@


    print '<pre>';
    print '$_SERVER[PHP_AUTH_USER] => ' . (!isset($_SERVER['PHP_AUTH_USER']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_USER']))) . "\n";
    print '$_SERVER[PHP_AUTH_USER] => ' . (!isset($_SERVER['PHP_AUTH_USER']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_USER'])));
    print "\n";
    print '$_SERVER[PHP_AUTH_PW] => ' . (!isset($_SERVER['PHP_AUTH_PW']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_PW'])));
    print "\n";
    print '$_SERVER[HTTP_AUTHORIZATION] => ' . (!isset($_SERVER['HTTP_AUTHORIZATION']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['HTTP_AUTHORIZATION'])));
    print "\n";
    print '</pre>';
  4. @westonruter westonruter created this gist Jul 17, 2012.
    34 changes: 34 additions & 0 deletions test-php-basic-auth.php
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,34 @@
    <?php
    define('WPIZED_AUTH_USER', 'jsmith');
    define('WPIZED_AUTH_PASS', 'password');

    header( 'Cache-Control: no-cache, must-revalidate, max-age=0' );

    $has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));

    $is_not_authenticated = (
    !$has_supplied_credentials ||
    $_SERVER['PHP_AUTH_USER'] != WPIZED_AUTH_USER ||
    $_SERVER['PHP_AUTH_PW'] != WPIZED_AUTH_PASS
    );

    if( $is_not_authenticated ){
    header( 'HTTP/1.1 401 Authorization Required' );
    header( sprintf('WWW-Authenticate: Basic realm="Test case, user: %s, pass: %s"', WPIZED_AUTH_USER, WPIZED_AUTH_PASS) );

    if (!$has_supplied_credentials) {
    print "<p style='color:red'><strong>FAIL</strong> (If you supplied credentials, they were not received.)</p>";
    }
    else {
    print "<p style='color:green'><strong>PASS</strong> (bad credentials, but something was received)</p>";
    }
    }
    else {
    print "<p style='color:green'><strong>PASS</strong> (credentials good)</p>";
    }


    print '<pre>';
    print '$_SERVER[PHP_AUTH_USER] => ' . (!isset($_SERVER['PHP_AUTH_USER']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_USER']))) . "\n";
    print '$_SERVER[PHP_AUTH_PW] => ' . (!isset($_SERVER['PHP_AUTH_PW']) ? '(not set)' : htmlspecialchars(json_encode($_SERVER['PHP_AUTH_PW'])));
    print '</pre>';