{"id":21819366,"url":"https://github.com/dflydev/dflydev-stack-authentication","last_synced_at":"2025-07-10T16:34:33.981Z","repository":{"id":56967334,"uuid":"11823468","full_name":"dflydev/dflydev-stack-authentication","owner":"dflydev","description":"STACK-2 Authentication Middlewares","archived":false,"fork":false,"pushed_at":"2018-02-12T11:03:07.000Z","size":144,"stargazers_count":3,"open_issues_count":2,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-14T02:29:08.835Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dflydev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-08-01T17:41:08.000Z","updated_at":"2020-05-17T13:55:57.000Z","dependencies_parsed_at":"2022-08-21T06:10:21.312Z","dependency_job_id":null,"html_url":"https://github.com/dflydev/dflydev-stack-authentication","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dflydev/dflydev-stack-authentication","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflydev%2Fdflydev-stack-authentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflydev%2Fdflydev-stack-authentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflydev%2Fdflydev-stack-authentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflydev%2Fdflydev-stack-authentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dflydev","download_url":"https://codeload.github.com/dflydev/dflydev-stack-authentication/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflydev%2Fdflydev-stack-authentication/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264608149,"owners_count":23636685,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-27T16:18:41.570Z","updated_at":"2025-07-10T16:34:33.961Z","avatar_url":"https://github.com/dflydev.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"STACK-2 Authentication Middlewares\n==================================\n\nA collection of [Stack][0] middlewares designed to help authentication\nmiddleware implementors adhere to the [STACK-2 Authentication][1] conventions.\n\n\nInstallation\n------------\n\nThrough [Composer][2] as [dflydev/stack-authentication][3].\n\n\nMiddlewares\n-----------\n\n### Authentication Middleware\n\nThe Authentication middleware takes care of setting up the handling of an\ninbound request by taking care of some [STACK-2 Authentication][2] housekeeping\ntasks:\n\n * If the `stack.authn.token` is set, it wraps the application in\n   `WwwAuthenticateStackChallenge` and delegates.\n * Checks the request by calling the **check** callback. The return value is a\n   boolean. If true, the **authenticate** callback is called and its return\n   value is returned. If false, we should not. The default check is to see if\n   there is an Authorization header.\n * If anonymous requests are received and anonymous requests are allowed, it\n   wraps the application in `WwwAuthenticateStackChallenge` and delegates.\n * Otherwise, it returns the result of the **challenge** callback.\n\n#### Usage\n\n```php\n\u003c?php\n\nuse Symfony\\Component\\HttpFoundation\\Response;\nuse Symfony\\Component\\HttpKernel\\HttpKernelInterface;\n\n$check = function (\n    Request $request,\n    $type = HttpKernelInterface::MASTER_REQUEST,\n    $catch = true\n) {\n    // This is the default 'check' callback if a check callback is not defined.\n    // This is here merely for demonstration purposes; if authentication relies\n    // on the existence of an 'authorization' header a 'check' callback does not\n    // need to be defined.\n    return $request-\u003eheaders-\u003ehas('authorization');\n};\n\n$challenge = function (Response $response) {\n    // Assumptions that can be made:\n    // * 401 status code\n    // * WWW-Authenticate header with a value of \"Stack\"\n    //\n    // Expectations:\n    // * MAY set WWW-Authenticate header to another value\n    // * MAY return a brand new response (does not have to be\n    //   the original response)\n    // * MUST return a response\n    return $response;\n};\n\n$authenticate = function (HttpKernelInterface $app, $anonymous) {\n    // Assumptions that can be made:\n    // * The $app can be delegated to at any time\n    // * The anonymous boolean indicates whether or not we\n    //   SHOULD allow anonymous requests through or if we\n    //   should challenge immediately.\n    // * Additional state, like $request, $type, and $catch\n    //   should be passed via use statement if they are needed.\n    //\n    // Expectations:\n    // * SHOULD set 'stack.authn.token' attribute on the request\n    //   when authentication is successful.\n    // * MAY delegate to the passed $app\n    // * MAY return a custom response of any status (for example\n    //   returning a 302 or 400 status response is allowed)\n    // * MUST return a response\n};\n\n$app = new Authentication($app, [\n    'challenge' =\u003e $challenge,\n    'check' =\u003e $check,\n    'authenticate' =\u003e $authenticate,\n    'anonymous' =\u003e true, // default: false\n]);\n```\n\n### WwwAuthenticateStackChallenge Middleware\n\nThe WwwAuthenticateStackChallenge middleware takes care of setting up the\nhandling of an outbound response by taking care of some\n[STACK-2 Authentication][2] housekeeping tasks:\n\n * If the response has a 401 status code and has a WWW-Authenticate header with\n   the value of Stack, it returns the result of the **challenge** callback.\n * Otherwise the original response from the delegated app is returned.\n\n\n#### Usage\n\n```php\n\u003c?php\n\nuse Symfony\\Component\\HttpFoundation\\Response;\n\n$challenge = function (Response $response) {\n    // Assumptions that can be made:\n    // * 401 status code\n    // * WWW-Authenticate header with a value of \"Stack\"\n    //\n    // Expectations:\n    // * MAY set WWW-Authenticate header to another value\n    // * MAY return a brand new response (does not have to be\n    //   the original response)\n    // * MUST return a response\n    return $response;\n};\n\nreturn (new WwwAuthenticateStackChallenge($app, $challenge))\n    -\u003ehandle($request, $type, $catch);\n```\n\n\nLicense\n-------\n\nMIT, see LICENSE.\n\n\nCommunity\n---------\n\nIf you have questions or want to help out, join us in the **#stackphp** or\n**#dflydev** channels on **irc.freenode.net**.\n\n\n[0]: http://stackphp.com/\n[1]: http://stackphp.com/specs/STACK-2/\n[2]: http://getcomposer.org\n[3]: https://packagist.org/packages/dflydev/stack-authentication\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdflydev%2Fdflydev-stack-authentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdflydev%2Fdflydev-stack-authentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdflydev%2Fdflydev-stack-authentication/lists"}