The Request $authorization property is
a Sapien\Request\Header\Authorization\Scheme object.
The Scheme class itself is a marker, and may be one of several
different implementations. The implementation is based on the scheme indicated
by the Request $headers['authorization'] scheme.
Warning:
The Scheme objects do not indicate a user has been authenticated or authorized. They only carry the untrusted user inputs provided by the client. Use them to perform your own authentication and authorization logic.
The Basic scheme presents these readonly properties computed from
the Request $headers['authorization'] credentials:
string $username: The base64-decoded username.string $password: The base64-decoded password.The Bearer scheme presents this readonly property computed from the Request
$headers['authorization'] credentials:
string $token: The bearer token.The Digest scheme presents these readonly properties computed from
the Request $headers['authorization'] credentials:
?string $cnonce: The client nonce.?int $nc: The nonce count.?string $nonce: The server nonce.?string $opaque: The server opaque string.?string $qop: The quality of protection.?string $realm: The authentication realm.?string $response: The client response.?string $uri: The effective request URI.?bool $userhash: Whether or not the username has been hashed.?string $username: The username in the realm.The Generic scheme is used when the authorization scheme does not have a corresponding class. It presents these readonly properties:
string $scheme: The authorization scheme.string $credentials: The authorization credentials.The None scheme is empty, and indicates there was no authorization header.