vdlp
diff --git a/‎.github/workflows/php.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/php.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Plugin.php‎
Lines changed: 19 additions & 43 deletions b/‎Plugin.php‎
Lines changed: 19 additions & 43 deletions
diff --git a/‎README.md‎
Lines changed: 14 additions & 11 deletions b/‎README.md‎
Lines changed: 14 additions & 11 deletions
diff --git a/‎ServiceProvider.php‎
Lines changed: 19 additions & 0 deletions b/‎ServiceProvider.php‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎classes/AuthorizationHelper.php‎
Lines changed: 68 additions & 0 deletions b/‎classes/AuthorizationHelper.php‎
Lines changed: 68 additions & 0 deletions
diff --git a/‎classes/helper/AuthorizationHelper.php‎
Lines changed: 0 additions & 74 deletions b/‎classes/helper/AuthorizationHelper.php‎
Lines changed: 0 additions & 74 deletions
diff --git a/‎composer.json‎
Lines changed: 2 additions & 2 deletions b/‎composer.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎config.php‎
Lines changed: 20 additions & 0 deletions b/‎config.php‎
Lines changed: 20 additions & 0 deletions
@@ -14,7 +14,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php: [ 8.0, 7.4, 7.3, 7.2, 7.1 ]
+        php: [ 8.0, 7.4 ]
         stability: [ prefer-lowest, prefer-stable ]
 
     name: PHP ${{ matrix.php }} - ${{ matrix.stability }}
 
@@ -5,28 +5,16 @@
 namespace Vdlp\BasicAuthentication;
 
 use Backend\Helpers\Backend as BackendHelper;
-use Illuminate\Contracts\Config\Repository;
-use Illuminate\Contracts\Session\Session;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Http\Request;
-use October\Rain\Translation\Translator;
 use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
 use System\Classes\PluginBase;
-use Vdlp\BasicAuthentication\Classes\Helper\AuthorizationHelper;
+use Vdlp\BasicAuthentication\Classes\AuthorizationHelper;
 use Vdlp\BasicAuthentication\Console\CreateCredentialsCommand;
 use Vdlp\BasicAuthentication\Models\Credential;
-use Vdlp\BasicAuthentication\ServiceProviders\BasicAuthenticationServiceProvider;
-
-/**
- * Class Plugin
- *
- * @package Vdlp\BasicAuthentication
- */
-class Plugin extends PluginBase
+
+final class Plugin extends PluginBase
 {
-    /**
-     * {@inheritdoc}
-     */
     public function pluginDetails(): array
     {
         return [
@@ -37,45 +25,36 @@ public function pluginDetails(): array
         ];
     }
 
-    /**
-     * {@inheritdoc}
-     */
     public function register(): void
     {
-        $this->app->register(BasicAuthenticationServiceProvider::class);
+        $this->app->register(ServiceProvider::class);
 
         $this->registerConsoleCommand(CreateCredentialsCommand::class, CreateCredentialsCommand::class);
     }
 
     /**
      * {@inheritdoc}
+     *
      * @throws SuspiciousOperationException
      */
-    public function boot()
+    public function boot(): void
     {
-        /** @var Repository $config */
-        $config = resolve(Repository::class);
-
-        if (!$config->get('basicauthentication.enabled')
+        if (
+            !config('basicauthentication.enabled')
             || app()->runningInConsole()
             || app()->runningUnitTests()
             || app()->runningInBackend()
         ) {
             return;
         }
 
+        /** @var AuthorizationHelper $authorizationHelper */
+        $authorizationHelper = resolve(AuthorizationHelper::class);
+
         /** @var Request $request */
         $request = resolve(Request::class);
 
-        /** @var Session $session */
-        $session = resolve(Session::class);
-
-        /** @var Translator $translator */
-        $translator = resolve('translator');
-
-        /** @var AuthorizationHelper $authorizationHelper */
-        $authorizationHelper = resolve(AuthorizationHelper::class);
-        if ($authorizationHelper->isIpAddressWhitelisted($request->ip())) {
+        if ($authorizationHelper->isIpAddressWhitelisted((string) $request->ip())) {
             return;
         }
 
@@ -94,27 +73,27 @@ public function boot()
         }
 
         $sessionKey = str_slug(str_replace('.', '_', $credential->getAttribute('hostname')) . '_basic_authentication');
-        if ($session->has($sessionKey)) {
+
+        if (session()->has($sessionKey)) {
             return;
         }
 
-        if ($request->getUser() === $credential->getAttribute('username')
+        if (
+            $request->getUser() === $credential->getAttribute('username')
             && $request->getPassword() === $credential->getAttribute('password')
         ) {
-            $session->put($sessionKey, $request->getUser());
+            session()->put($sessionKey, $request->getUser());
+
             return;
         }
 
         header('WWW-Authenticate: Basic realm="' . $credential->getAttribute('realm') . '"');
         header('HTTP/1.0 401 Unauthorized');
 
-        echo $translator->get('vdlp.basicauthentication::lang.output.unauthorized');
+        echo (string) trans('vdlp.basicauthentication::lang.output.unauthorized');
         exit(0);
     }
 
-    /**
-     * {@inheritdoc}
-     */
     public function registerPermissions(): array
     {
         return [
@@ -125,9 +104,6 @@ public function registerPermissions(): array
         ];
     }
 
-    /**
-     * {@inheritdoc}
-     */
     public function registerSettings(): array
     {
         /** @var BackendHelper $backendHelper */
 
@@ -4,36 +4,39 @@ Allows users to manage Basic Authentication credentials for multiple hostnames a
 
 ## Requirements
 
-* PHP 7.1 or higher
+* PHP 7.4 or higher
 
 ## Installation
 
 ```
 composer require vdlp/oc-basicauthentication-plugin
 ```
 
-Or:
-
-```
-php artisan plugin:install Vdlp.BasicAuthentication
-```
-
 ## Configuration
 
 To configure this plugin execute the following command:
 
 ```
-php artisan vendor:publish --provider="Vdlp\BasicAuthentication\ServiceProviders\BasicAuthenticationServiceProvider" --tag="config"
+php artisan vendor:publish --provider="Vdlp\BasicAuthentication\ServiceProvider" --tag="config"
 ```
 
-This will create a `config/basicauthentication.php` file in your app where you can modify the configuration if you don't want to use .env variables.
+This will create a `config/basicauthentication.php` file in your app where you can modify the configuration if you don't want to use `.env` variables.
 
 ## Enable / disable plugin
 
-By default basic authentication is disabled.
+> By default basic authentication is disabled.
 
 To enable basic authentication, you have to set the env variable to `BASIC_AUTHENTICATION_ENABLED` to `true` in your `.env` file or edit the published config file.
 
+## A Note On FastCGI
+
+If you are using PHP FastCGI, HTTP Basic authentication may not work correctly out of the box. The following lines should be added to your `.htaccess` file:
+
+```
+RewriteCond %{HTTP:Authorization} ^(.+)$
+RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+```
+
 ## Questions? Need help?
 
-If you have any question about how to use this plugin, please don't hesitate to contact us at octobercms@vdlp.nl. We're happy to help you. You can also visit the support forum and drop your questions/issues there.
+If you have any question about how to use this plugin, please don't hesitate to contact us at octobercms@vdlp.nl. We're happy to help you.
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Vdlp\BasicAuthentication;
+
+use October\Rain\Support\ServiceProvider as ServiceProviderBase;
+
+final class ServiceProvider extends ServiceProviderBase
+{
+    public function boot(): void
+    {
+        $this->publishes([
+            __DIR__ . '/config.php' => config_path('basicauthentication.php'),
+        ], 'config');
+
+        $this->mergeConfigFrom(__DIR__ . '/config.php', 'basicauthentication');
+    }
+}
@@ -0,0 +1,68 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Vdlp\BasicAuthentication\Classes;
+
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
+use Vdlp\BasicAuthentication\Models\ExcludedUrl;
+
+final class AuthorizationHelper
+{
+    private Request $request;
+
+    public function __construct(Request $request)
+    {
+        $this->request = $request;
+    }
+
+    /**
+     * @throws SuspiciousOperationException
+     */
+    public function isUrlExcluded(string $currentUrl): bool
+    {
+        /** @var array|mixed $parsedCurrentUrl */
+        $parsedCurrentUrl = parse_url($currentUrl);
+
+        if (!is_array($parsedCurrentUrl)) {
+            return false;
+        }
+
+        /** @var ExcludedUrl[] $excludedUrls */
+        $excludedUrls = ExcludedUrl::all();
+
+        foreach ($excludedUrls as $excludedUrl) {
+            /** @var array|mixed $parsedExcludedUrl */
+            $parsedExcludedUrl = parse_url($excludedUrl->getAttribute('url'));
+
+            if (!is_array($parsedExcludedUrl)) {
+                continue;
+            }
+
+            $host = $parsedCurrentUrl['host'] ?? '';
+
+            if (
+                array_key_exists('host', $parsedExcludedUrl)
+                && $host !== $this->request->getHost()
+            ) {
+                continue;
+            }
+
+            if (
+                array_key_exists('path', $parsedExcludedUrl)
+                && array_key_exists('path', $parsedCurrentUrl)
+                && $parsedExcludedUrl['path'] === $parsedCurrentUrl['path']
+            ) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    public function isIpAddressWhitelisted(string $ipAddress): bool
+    {
+        return in_array($ipAddress, explode(',', config('basicauthentication.whitelisted_ips')), true);
+    }
+}
@@ -1,6 +1,6 @@
 {
     "name": "vdlp/oc-basicauthentication-plugin",
-    "description": "Allows you to manage Basic Authentication credentials in October CMS powered websites.",
+    "description": "Protect your website with Basic Authentication.",
     "type": "october-plugin",
     "license": "GPL-2.0",
     "authors": [
@@ -13,7 +13,7 @@
         "email": "octobercms@vdlp.nl"
     },
     "require": {
-        "php": "^7.1||^8.0",
+        "php": "^7.4 || ^8.0",
         "composer/installers": "^1.0"
     }
 }
@@ -3,6 +3,26 @@
 declare(strict_types=1);
 
 return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Basic Authentication enabled
+    |--------------------------------------------------------------------------
+    |
+    | Enable the Basic Authentication plugin by adding the
+    | BASIC_AUTHENTICATION_ENABLED to your .env file.
+    |
+    */
     'enabled' => (bool) env('BASIC_AUTHENTICATION_ENABLED', false),
+
+    /*
+    |--------------------------------------------------------------------------
+    | White Listed IP addresses
+    |--------------------------------------------------------------------------
+    |
+    | Provide a comma separated list of IP addresses to whitelist.
+    |
+    */
     'whitelisted_ips' => env('BASIC_AUTHENTICATION_WHITELISTED_IPS', ''),
+
 ];
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "vdlp/oc-basicauthentication-plugin",`
`3`		`- "description": "Allows you to manage Basic Authentication credentials in October CMS powered websites.",`
	`3`	`+ "description": "Protect your website with Basic Authentication.",`
`4`	`4`	`"type": "october-plugin",`
`5`	`5`	`"license": "GPL-2.0",`
`6`	`6`	`"authors": [`
`@@ -13,7 +13,7 @@`
`13`	`13`	`"email": "octobercms@vdlp.nl"`
`14`	`14`	`},`
`15`	`15`	`"require": {`
`16`		`- "php": "^7.1\|\|^8.0",`
	`16`	`+ "php": "^7.4 \|\| ^8.0",`
`17`	`17`	`"composer/installers": "^1.0"`
`18`	`18`	`}`
`19`	`19`	`}`