BasicCredential

Class
implements AuthorizationCredential
Read only: Yes Final: Yes

Class BasicCredential.

Description

Represents the parsed credential pair for HTTP Basic Authentication. This credential consists of a username and password encoded as Base64(username:password) in the Authorization header.

Implementations handling this class MUST treat the password as a sensitive secret. It MUST NOT be logged, exposed, or transmitted insecurely. The username MAY be considered non-sensitive depending on application rules, but the password MUST always be protected.

Instances of this class SHALL be returned by Authorization::parse() when the header contains a valid Basic Authentication value.

Table of Contents

Interfaces

AuthorizationCredential

Interface AuthorizationCredential.

Properties

$password
 : string
$username
 : string

Methods

__construct()

Creates a new Basic Authentication credential.

 : mixed
Properties

$password

Public
public string $password
Attributes
#[SensitiveParameter]
Methods

__construct()

Public

Creates a new Basic Authentication credential.

public __construct( string  $username, string  $password) : mixed

Description

The username and password MUST be extracted exactly as decoded from the HTTP Authorization header. The password parameter is annotated with #[\SensitiveParameter] to ensure that stack traces, debugging tools, and error handlers do not accidentally reveal its value.

Parameters
$username : string

Description

the username provided by the client

$password : string

Description

the plaintext password provided by the client