From 548f4fd0ea2396653e28bef6550f5be8890474d0 Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Thu, 27 Jun 2019 20:37:35 +0200 Subject: [PATCH] [HttpClient] Add support for NTLM authentication --- .../DependencyInjection/Configuration.php | 3 +++ src/Symfony/Component/HttpClient/CHANGELOG.md | 1 + .../Component/HttpClient/CurlHttpClient.php | 24 ++++++++++++++++++- .../Component/HttpClient/HttpClientTrait.php | 4 ++++ 4 files changed, 31 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php index ea64157fde9bc..1b16809d62ada 100644 --- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php +++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php @@ -1414,6 +1414,9 @@ private function addHttpClientSection(ArrayNodeDefinition $rootNode) ->scalarNode('auth_bearer') ->info('A token enabling HTTP Bearer authorization.') ->end() + ->scalarNode('auth_ntlm') + ->info('A "username:password" pair to use Microsoft NTLM authentication (requires the cURL extension).') + ->end() ->arrayNode('query') ->info('Associative array of query string values merged with the base URI.') ->useAttributeAsKey('key') diff --git a/src/Symfony/Component/HttpClient/CHANGELOG.md b/src/Symfony/Component/HttpClient/CHANGELOG.md index b2f900bf39b96..5348259f63f14 100644 --- a/src/Symfony/Component/HttpClient/CHANGELOG.md +++ b/src/Symfony/Component/HttpClient/CHANGELOG.md @@ -6,6 +6,7 @@ CHANGELOG * made `Psr18Client` implement relevant PSR-17 factories * added `HttplugClient` + * added support for NTLM authentication 4.3.0 ----- diff --git a/src/Symfony/Component/HttpClient/CurlHttpClient.php b/src/Symfony/Component/HttpClient/CurlHttpClient.php index 199a3b4ea17f7..bdc12f61e95bc 100644 --- a/src/Symfony/Component/HttpClient/CurlHttpClient.php +++ b/src/Symfony/Component/HttpClient/CurlHttpClient.php @@ -39,7 +39,10 @@ final class CurlHttpClient implements HttpClientInterface, LoggerAwareInterface use HttpClientTrait; use LoggerAwareTrait; - private $defaultOptions = self::OPTIONS_DEFAULTS; + private $defaultOptions = self::OPTIONS_DEFAULTS + [ + 'auth_ntlm' => null, // array|string - an array containing the username as first value, and optionally the + // password as the second one; or string like username:password - enabling NTLM auth + ]; /** * An internal object to share state between the client and its responses. @@ -152,6 +155,25 @@ public function request(string $method, string $url, array $options = []): Respo CURLOPT_CERTINFO => $options['capture_peer_cert_chain'], ]; + if (isset($options['auth_ntlm'])) { + $curlopts[CURLOPT_HTTPAUTH] = CURLAUTH_NTLM; + + if (\is_array($options['auth_ntlm'])) { + $count = \count($options['auth_ntlm']); + if ($count <= 0 || $count > 2) { + throw new InvalidArgumentException(sprintf('Option "auth_ntlm" must contain 1 or 2 elements, %s given.', $count)); + } + + $options['auth_ntlm'] = implode(':', $options['auth_ntlm']); + } + + if (!\is_string($options['auth_ntlm'])) { + throw new InvalidArgumentException(sprintf('Option "auth_ntlm" must be string or an array, %s given.', \gettype($options['auth_ntlm']))); + } + + $curlopts[CURLOPT_USERPWD] = $options['auth_ntlm']; + } + if (!ZEND_THREAD_SAFE) { $curlopts[CURLOPT_DNS_USE_GLOBAL_CACHE] = false; } diff --git a/src/Symfony/Component/HttpClient/HttpClientTrait.php b/src/Symfony/Component/HttpClient/HttpClientTrait.php index 4d263f46db7de..73921c2a75456 100644 --- a/src/Symfony/Component/HttpClient/HttpClientTrait.php +++ b/src/Symfony/Component/HttpClient/HttpClientTrait.php @@ -181,6 +181,10 @@ private static function mergeDefaultOptions(array $options, array $defaultOption } } + if ('auth_ntlm' === $name) { + throw new InvalidArgumentException(sprintf('Option "%s" is not supported by %s, try using CurlHttpClient instead.', __CLASS__)); + } + throw new InvalidArgumentException(sprintf('Unsupported option "%s" passed to %s, did you mean "%s"?', $name, __CLASS__, implode('", "', $alternatives ?: array_keys($defaultOptions)))); } pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy