protected function _digest($request)
{
$username = $password = null;
$auth = $this->_classes['auth'];
$data = $auth::decode($request->env('PHP_AUTH_DIGEST'));
$data['realm'] = $this->_config['realm'];
$data['method'] = $request->method;
$users = $this->_config['users'];
if (!empty($data['username']) && !empty($users[$data['username']])) {
$username = $data['username'];
$password = $users[$data['username']];
}
$encoded = $auth::encode($username, $password, $data);
if ($encoded['response'] !== $data['response']) {
$nonce = uniqid();
$opaque = md5($data['realm']);
$message = "WWW-Authenticate: Digest realm=\"{$data['realm']}\",qop=\"auth\",";
$message .= "nonce=\"{$nonce}\",opaque=\"{$opaque}\"";
$this->_writeHeader($message);
return false;
}
return compact('username', 'password');
}
