The authentication in Clockwork works very simple. Each metadata request contains an authentication token, which is passed to the authenticator to decide whether we should return the metadata. If the Clockwork app receives a forbidden response, it will assume an authentication is required and asks for username, password or both as required by the authenticator. Submitting this form will make an authentication attempt on authenticator which will return a new authentication token when successful.
To create an authenticator implementation you will need to implement the
attempt(array $credentials)receives an array of credentials (
passwordor both), if the credentials are valid, returns an authentication token, returns null for invalid credentials
check($token)receives an authentication token, returns true if the token is valid
requires()returns an array of required credentials, this will be either
AuthenticatorInterface::REQUIRES_PASSWORD, the Clockwork app will then show one or both fields
To use the custom authenticator we need to set it on the main Clockwork class:
Feel free to take a look at existing authenticator implementations for inspiration.