Parsed: 128838

function wp_populate_basic_auth_from_authorization_header() {
  // If we don't have anything to pull from, return early.
  if ( ! isset( $_SERVER['HTTP_AUTHORIZATION'] ) && ! isset( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) ) {
    return;
  }

  // If either PHP_AUTH key is already set, do nothing.
  if ( isset( $_SERVER['PHP_AUTH_USER'] ) || isset( $_SERVER['PHP_AUTH_PW'] ) ) {
    return;
  }

  // From our prior conditional, one of these must be set.
  $header = isset( $_SERVER['HTTP_AUTHORIZATION'] ) ? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];

  // Test to make sure the pattern matches expected.
  if ( ! preg_match( '%^Basic [a-z\d/+]*={0,2}$%i', $header ) ) {
    return;
  }

  // Removing `Basic ` the token would start six characters in.
  $token    = substr( $header, 6 );
  $userpass = base64_decode( $token );

  // There must be at least one colon in the string.
  if ( ! str_contains( $userpass, ':' ) ) {
    return;
  }

  list( $user, $pass ) = explode( ':', $userpass, 2 );

  // Now shove them in the proper keys where we're expecting later on.
  $_SERVER['PHP_AUTH_USER'] = $user;
  $_SERVER['PHP_AUTH_PW']   = $pass;
}