Merge pull request #5 from CorpusPHP/feature/AuthorizationHeaderPartParser

Adds Authorization Header Parser "AuthorizationPartParser"

Author: donatj

.mddoc.xml.dist

@@ -16,7 +16,10 @@
 			</section>
 
 			<section title="Documentation">
-				<recursiveDirectory name="src"/>
+				<recursiveDirectory name="src" file-filter="/.*
+					(?&lt;!Factory\.php)
+					(?&lt;!AuthorizationParts\.php)
+					$/x"/>
 			</section>
 		</section>
 	</docpage>

README.md

@@ -2,7 +2,7 @@
 
 [![Latest Stable Version](https://poser.pugx.org/corpus/http-message-utils/version)](https://packagist.org/packages/corpus/http-message-utils)
 [![License](https://poser.pugx.org/corpus/http-message-utils/license)](https://packagist.org/packages/corpus/http-message-utils)
-[![Build Status](https://github.com/CorpusPHP/HttpMessageUtils/workflows/CI/badge.svg?)](https://github.com/CorpusPHP/HttpMessageUtils/actions?query=workflow%3ACI)
+[![CI](https://github.com/CorpusPHP/HttpMessageUtils/workflows/CI/badge.svg?)](https://github.com/CorpusPHP/HttpMessageUtils/actions?query=workflow%3ACI)
 
 
 Utilities for working with [PSR-7 Http Message](https://www.php-fig.org/psr/psr-7/) objects.
@@ -22,6 +22,97 @@ composer require 'corpus/http-message-utils'
 
 ## Documentation
 
+### Class: \Corpus\HttpMessageUtils\Authorization\AuthorizationHeaderParser
+
+Utility to split an Authorization header into `<type>` and `<credentials>` ala:
+`Authorization: <type> <credentials>`
+
+The parser itself is authorization type agnostic and works with any RFC7235
+conforming authorization type.
+
+### Example:
+
+```php
+$serverRequest = \GuzzleHttp\Psr7\ServerRequest::fromGlobals();
+$parsedAuth    = (new \Corpus\HttpMessageUtils\Authorization\AuthorizationHeaderParser)->parseServerRequest($serverRequest);
+
+if( $parsedAuth ) {
+    echo 'type: ' . $parsedAuth->getType();
+    echo 'cred: ' . $parsedAuth->getCredentials();
+}
+```
+
+#### Method: AuthorizationHeaderParser->__construct
+
+```php
+function __construct([ ?\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsFactory $factory = null])
+```
+
+##### Parameters:
+
+- ***\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsFactory*** | ***null*** `$factory` - Optional factory for construction of result objects
+
+---
+
+#### Method: AuthorizationHeaderParser->parseString
+
+```php
+function parseString(string $headerValue) : ?\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterface
+```
+
+Parses an Authorization header into `<type>` and `<credentials>`
+
+##### Parameters:
+
+- ***string*** `$headerValue` - The header value to parse
+
+##### Returns:
+
+- ***\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterface*** | ***null*** - AuthorizationParts on success, null on failure.
+Reasons for failure include empty string and non-RFC7235 compliant header values.
+
+---
+
+#### Method: AuthorizationHeaderParser->parseServerRequest
+
+```php
+function parseServerRequest(\Psr\Http\Message\ServerRequestInterface $request [, string $headerName = self::DEFAULT_HEADER]) : ?\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterface
+```
+
+Helper to easily parse from a PSR ServerRequestInterface
+
+##### Parameters:
+
+- ***\Psr\Http\Message\ServerRequestInterface*** `$request` - The PSR ServerRequestInterface to read from
+- ***string*** `$headerName` - Optional header name to parse. Defaults to Authorization.
+
+##### Returns:
+
+- ***\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterface*** | ***null*** - AuthorizationParts on success, null on failure.
+
+### Class: \Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterface
+
+Representation of the parts of an Authorization Header:
+  `Authorization: <type> <credentials>`
+
+#### Method: AuthorizationPartsInterface->getType
+
+```php
+function getType() : string
+```
+
+The specified authorization type
+
+---
+
+#### Method: AuthorizationPartsInterface->getCredentials
+
+```php
+function getCredentials() : string
+```
+
+The specified authorization credentials
+
 ### Class: \Corpus\HttpMessageUtils\ProxyAwareSchemer
 
 Utility to map a Uri or ServerRequestInterface's Uri to the external scheme

src/Authorization/AuthorizationHeaderParser.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace Corpus\HttpMessageUtils\Authorization;
+
+use Psr\Http\Message\ServerRequestInterface;
+
+/**
+ * Utility to split an Authorization header into `<type>` and `<credentials>` ala:
+ * `Authorization: <type> <credentials>`
+ *
+ * The parser itself is authorization type agnostic and works with any RFC7235
+ * conforming authorization type.
+ *
+ * ### Example:
+ *
+ * ```php
+ * $serverRequest = \GuzzleHttp\Psr7\ServerRequest::fromGlobals();
+ * $parsedAuth    = (new \Corpus\HttpMessageUtils\Authorization\AuthorizationHeaderParser)->parseServerRequest($serverRequest);
+ *
+ * if( $parsedAuth ) {
+ *     echo 'type: ' . $parsedAuth->getType();
+ *     echo 'cred: ' . $parsedAuth->getCredentials();
+ * }
+ * ```
+ */
+class AuthorizationHeaderParser {
+
+	private const DEFAULT_HEADER = 'authorization';
+	/** @var AuthorizationPartsFactory */
+	private $factory;
+
+	/**
+	 * @param AuthorizationPartsFactory|null $factory Optional factory for construction of result objects
+	 */
+	public function __construct(
+		?AuthorizationPartsFactory $factory = null
+	) {
+		if( !$factory ) {
+			$factory = new AuthorizationPartsFactory;
+		}
+
+		$this->factory = $factory;
+	}
+
+	/**
+	 * Parses an Authorization header into `<type>` and `<credentials>`
+	 *
+	 * @param string $headerValue The header value to parse
+	 * @return AuthorizationPartsInterface|null AuthorizationParts on success, null on failure.
+	 * Reasons for failure include empty string and non-RFC7235 compliant header values.
+	 */
+	public function parseString(
+		string $headerValue
+	) : ?AuthorizationPartsInterface {
+		$headerValue = trim($headerValue);
+		if( !$headerValue ) {
+			return null;
+		}
+
+		$result = preg_split('/\s+/', $headerValue, 2, PREG_SPLIT_NO_EMPTY);
+		if( count($result) === 2 ) {
+			return $this->factory->make($result[0], $result[1]);
+		}
+
+		return null;
+	}
+
+	/**
+	 * Helper to easily parse from a PSR ServerRequestInterface
+	 *
+	 * @param ServerRequestInterface $request    The PSR ServerRequestInterface to read from
+	 * @param string                 $headerName Optional header name to parse. Defaults to Authorization.
+	 * @return AuthorizationPartsInterface|null AuthorizationParts on success, null on failure.
+	 * @see self::parseString
+	 */
+	public function parseServerRequest(
+		ServerRequestInterface $request,
+		string $headerName = self::DEFAULT_HEADER
+	) : ?AuthorizationPartsInterface {
+		$header = $request->getHeaderLine($headerName);
+
+		return $this->parseString($header);
+	}
+
+}

src/Authorization/AuthorizationParts.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Corpus\HttpMessageUtils\Authorization;
+
+class AuthorizationParts implements AuthorizationPartsInterface {
+
+	/** @var string */
+	private $type;
+	/** @var string */
+	private $credentials;
+
+	public function __construct( string $type, string $credentials ) {
+		$this->type        = $type;
+		$this->credentials = $credentials;
+	}
+
+	public function getType() : string {
+		return $this->type;
+	}
+
+	public function getCredentials() : string {
+		return $this->credentials;
+	}
+
+}

src/Authorization/AuthorizationPartsFactory.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace Corpus\HttpMessageUtils\Authorization;
+
+class AuthorizationPartsFactory {
+
+	public function make( string $type, string $credentials ) : AuthorizationPartsInterface {
+		return new AuthorizationParts($type, $credentials);
+	}
+
+}

src/Authorization/AuthorizationPartsInterface.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace Corpus\HttpMessageUtils\Authorization;
+
+/**
+ * Representation of the parts of an Authorization Header:
+ *   `Authorization: <type> <credentials>`
+ */
+interface AuthorizationPartsInterface {
+
+	/**
+	 * The specified authorization type
+	 */
+	public function getType() : string;
+
+	/**
+	 * The specified authorization credentials
+	 */
+	public function getCredentials() : string;
+
+}

test/Authorization/AuthorizationHeaderParserTest.php

@@ -0,0 +1,74 @@
+<?php
+
+namespace Corpus\HttpMessageUtils\Authorization;
+
+use GuzzleHttp\Psr7\ServerRequest;
+use PHPUnit\Framework\TestCase;
+
+class AuthorizationHeaderParserTest extends TestCase {
+
+	/**
+	 * @dataProvider authorizationProvider
+	 */
+	public function testParseString(
+		string $header,
+		?string $type,
+		?string $credentials = null
+	) : void {
+		$parser = new AuthorizationHeaderParser;
+		$result = $parser->parseString($header);
+
+		if( $type === null ) {
+			$this->assertNull($result);
+
+			return;
+		}
+
+		$this->assertSame($type, $result->getType());
+		$this->assertSame($credentials, $result->getCredentials());
+	}
+
+	/**
+	 * @dataProvider authorizationProvider
+	 */
+	public function testParseServerRequest(
+		string $header,
+		?string $type,
+		?string $credentials = null
+	) : void {
+		$parser  = new AuthorizationHeaderParser;
+		$request = new ServerRequest("POST", "https://example.com", [
+			'Authorization' => $header,
+		]);
+
+		$result = $parser->parseServerRequest($request);
+
+		if( $type === null ) {
+			$this->assertNull($result);
+
+			return;
+		}
+
+		$this->assertSame($type, $result->getType());
+		$this->assertSame($credentials, $result->getCredentials());
+	}
+
+	public function testParseServerRequest_noHeader() : void {
+		$parser  = new AuthorizationHeaderParser;
+		$request = new ServerRequest("GET", "https://example.com");
+
+		$result = $parser->parseServerRequest($request);
+		$this->assertNull($result);
+	}
+
+	public function authorizationProvider() : \Generator {
+		yield [ '', null ];
+		yield [ 'Foo', null ];
+		yield [ 'Foo bar', 'Foo', 'bar' ];
+		yield [ '   Foo    bar   ', 'Foo', 'bar' ];
+		yield [ 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==', 'Basic', 'QWxhZGRpbjpvcGVuIHNlc2FtZQ==' ];
+		yield [ 'QueryAuth foo=bar baz=qux', 'QueryAuth', 'foo=bar baz=qux' ];
+		yield [ '	OtherAuth			foo=bar    baz=qux	', 'OtherAuth', 'foo=bar    baz=qux' ];
+	}
+
+}