/**
 * Lists feedback entities for a profile, optionally filtered by read/answer state.
 *
 * The profile comes from the `profileId` query parameter when it is present,
 * otherwise from the current account's current profile. Paging values are
 * read from the `limit` and `offset` request attributes.
 *
 * NOTE(review): a caller-supplied `profileId` is handed to the service as-is;
 * nothing in this method checks that the profile belongs to the current
 * account. Confirm that getFeedbackEntities() or an earlier middleware
 * enforces ownership, otherwise any profile's feedback can be listed.
 *
 * @param ServerRequestInterface $request
 * @param ResponseBuilder $responseBuilder
 * @return ResponseInterface
 */
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
    try {
        $query = $request->getQueryParams();

        $seek = [
            'limit' => $request->getAttribute('limit'),
            'offset' => $request->getAttribute('offset'),
        ];

        if (isset($query['profileId'])) {
            $profileId = (int) $query['profileId'];
        } else {
            $profileId = $this->currentAccountService
                ->getCurrentAccount()
                ->getCurrentProfile()
                ->getId();
        }

        // Only filters that were actually sent end up in the option set.
        $filter = [];
        foreach (['read', 'answer'] as $flag) {
            if (isset($query[$flag])) {
                $filter[$flag] = QueryBoolean::extract($query[$flag]);
            }
        }

        $feedbackEntities = $this->feedbackService->getFeedbackEntities([
            'profileId' => $profileId,
            'seek' => $seek,
            'filter' => $filter,
        ]);

        $toJson = function (Feedback $feedback) {
            return $feedback->toJSON();
        };

        $responseBuilder
            ->setStatusSuccess()
            ->setJson(['entities' => array_map($toJson, $feedbackEntities)]);
    } catch (ProfileNotFoundException $e) {
        $responseBuilder->setStatusNotFound()->setError($e);
    } catch (SeekException $e) {
        $responseBuilder->setStatusBadRequest()->setError($e);
    }

    return $responseBuilder->build();
}
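/**
 * Logs a user in through the token API, falling back to the Pingxx token
 * controller when the primary controller answers 401.
 *
 * On success the session is authenticated, a UserLoggedIn event is fired,
 * a `lastLoginName` cookie is set and the remember-me cookie is attached.
 * Any other outcome returns the primary controller's response unchanged.
 *
 * NOTE(review): credentials rejected by the primary controller are replayed
 * verbatim to the fallback controller; confirm both enforce the same
 * throttling, otherwise the fallback doubles the guesses per request.
 *
 * @param Request $request
 * @return JsonResponse|EmptyResponse
 */
public function handle(Request $request)
{
    $actor = $request->getAttribute('actor');
    // Forward only the two credential fields, never the whole body.
    $params = array_only($request->getParsedBody(), ['identification', 'password']);

    $response = $this->apiClient->send(TokenController::class, $actor, [], $params);

    if ($response->getStatusCode() === 200) {
        return $this->finishLogin($request, $response, null);
    }

    if ($response->getStatusCode() === 401) {
        $fallback = $this->apiClient->send(PingxxTokenController::class, $actor, [], $params);

        if ($fallback->getStatusCode() === 200) {
            return $this->finishLogin($request, $fallback, 'dashboard.pingxx.com');
        }
    }

    return $response;
}

/**
 * Completes a successful token response: authenticates the session, fires
 * UserLoggedIn and decorates the response with the login cookies.
 *
 * NOTE(review): `lastLoginName` carries the user-supplied identification and
 * is created without Secure, HttpOnly or SameSite attributes. If no script
 * needs to read it, tighten those flags; either way treat its value as
 * untrusted wherever it is rendered.
 *
 * @param Request $request Original login request
 * @param mixed $response Token controller response with a JSON body holding `userId` and `token`
 * @param string|null $cookieDomain Domain for the `lastLoginName` cookie, or null for a host-only cookie
 * @return mixed The response with cookies attached
 */
private function finishLogin(Request $request, $response, $cookieDomain)
{
    $data = json_decode($response->getBody());

    $session = $request->getAttribute('session');
    $this->authenticator->logIn($session, $data->userId);

    $token = AccessToken::find($data->token);

    event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));

    $cookie = SetCookie::create("lastLoginName")
        ->withValue($request->getParsedBody()['identification'])
        ->withPath('/');
    if ($cookieDomain !== null) {
        $cookie = $cookie->withDomain($cookieDomain);
    }

    $response = FigResponseCookies::set($response, $cookie);

    return $this->rememberer->remember($response, $token);
}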
/**
 * Registers request-scoped objects found on the request attributes in the
 * container, each under its concrete class, its interface and a short name.
 *
 * An attribute that is missing or falsy is skipped, so the container only
 * receives bindings for what the request actually carries.
 *
 * @param \Wandu\DI\ContainerInterface $container
 * @param \Psr\Http\Message\ServerRequestInterface $request
 */
private function bindParameter(ContainerInterface $container, ServerRequestInterface $request)
{
    // attribute name (also the short alias) => [concrete class, interface]
    $bindings = [
        'server_params' => [ServerParams::class, ServerParamsInterface::class],
        'query_params' => [QueryParams::class, QueryParamsInterface::class],
        'parsed_body' => [ParsedBody::class, ParsedBodyInterface::class],
        'cookie' => [CookieJar::class, CookieJarInterface::class],
        'session' => [Session::class, SessionInterface::class],
    ];

    foreach ($bindings as $attribute => $types) {
        $value = $request->getAttribute($attribute);
        if (!$value) {
            continue;
        }

        $container->instance($types[0], $value);
        $container->alias($types[1], $types[0]);
        $container->alias($attribute, $types[0]);
    }
}
/**
 * Returns the view for the ExtJS admin interface
 *
 * Collects the CSS URLs from every JSB2 manifest registered under
 * "admin/extjs", builds the admin URLs and renders the ExtJS index template.
 *
 * NOTE(review): `site`, `lang` and `tab` come straight from the route
 * arguments and are passed to the template (`lang`, `activeTab`) and to the
 * locale setup without validation here; confirm the route patterns or the
 * template escaping constrain them.
 *
 * NOTE(review): the CSRF name/value pair is handed to pathFor() as route
 * data for the JSON endpoint. If that ends up in the generated URL, the token
 * can leak through logs and Referer headers; confirm where it is emitted.
 *
 * @param ContainerInterface $container Dependency injection container
 * @param ServerRequestInterface $request Request object
 * @param ResponseInterface $response Response object
 * @param array $args Associative list of route parameters
 * @return ResponseInterface $response Modified response object with generated output
 * @throws \Exception If a registered JSB2 manifest file does not exist
 */
public static function indexAction(ContainerInterface $container, ServerRequestInterface $request, ResponseInterface $response, array $args)
{
    // Route parameters with their defaults.
    $site = 'default';
    if (isset($args['site'])) {
        $site = $args['site'];
    }

    $lang = 'en';
    if (isset($args['lang'])) {
        $lang = $args['lang'];
    }

    $tab = 0;
    if (isset($args['tab'])) {
        $tab = $args['tab'];
    }

    $aimeos = $container->get('aimeos');
    $controllerPaths = $aimeos->getCustomPaths('controller/extjs');

    $context = $container->get('aimeos_context')->get(false, $args, 'backend');
    $context = self::setLocale($context, $site, $lang);

    $controller = new \Aimeos\Controller\ExtJS\JsonRpc($context, $controllerPaths);

    $cssFiles = [];
    foreach ($aimeos->getCustomPaths('admin/extjs') as $base => $paths) {
        foreach ($paths as $path) {
            $manifestPath = $base . '/' . $path;

            if (!is_file($manifestPath)) {
                throw new \Exception(sprintf('JSB2 file "%1$s" not found', $manifestPath));
            }

            $manifest = new \Aimeos\MW\Jsb2\Standard($manifestPath, dirname($path));
            $cssFiles = array_merge($cssFiles, $manifest->getUrls('css'));
        }
    }

    $csrfName = $request->getAttribute('csrf_name');
    $csrfValue = $request->getAttribute('csrf_value');

    $router = $container->get('router');
    $jqadmUrl = $router->pathFor('aimeos_shop_jqadm_search', ['site' => $site, 'resource' => 'product']);
    $jsonUrl = $router->pathFor('aimeos_shop_extadm_json', ['site' => $site, $csrfName => $csrfValue]);
    // Placeholders are left literal so the client can fill them in.
    $adminUrl = $router->pathFor('aimeos_shop_extadm', ['site' => '<site>', 'lang' => '<lang>', 'tab' => '<tab>']);

    $templateVars = [
        'lang' => $lang,
        'cssFiles' => $cssFiles,
        'languages' => self::getJsonLanguages($aimeos),
        'config' => self::getJsonClientConfig($context),
        'site' => self::getJsonSiteItem($context, $site),
        'i18nContent' => self::getJsonClientI18n($aimeos->getI18nPaths(), $lang),
        'uploaddir' => $context->getConfig()->get('uploaddir', '/.'),
        'searchSchemas' => $controller->getJsonSearchSchemas(),
        'itemSchemas' => $controller->getJsonItemSchemas(),
        'smd' => $controller->getJsonSmd($jsonUrl),
        'urlTemplate' => $adminUrl,
        'jqadmurl' => $jqadmUrl,
        'activeTab' => $tab,
        'version' => \Aimeos\Slim\Bootstrap::getVersion(),
    ];

    return $container->get('view')->render($response, 'Extadm/index.html.twig', $templateVars);
}
/**
 * Drives both legs of the Twitter OAuth 1.0 sign-in.
 *
 * Without `oauth_token` and `oauth_verifier` in the query string, temporary
 * credentials are requested, stored in the session and the user is sent to
 * Twitter. With both present, the stored credentials are exchanged for token
 * credentials and the Twitter profile is turned into an auth response.
 *
 * NOTE(review): unserialize() is applied to a value read back from the
 * session, so this is only as safe as the session store. Consider the
 * `allowed_classes` option, or keeping the credential fields as plain
 * strings, so an attacker who can write session data cannot instantiate
 * arbitrary objects.
 *
 * NOTE(review): a callback request that arrives without a stored
 * `temporary_credentials` entry is not rejected before the unserialize()
 * result is handed to getTokenCredentials(); an explicit check would give a
 * controlled failure.
 *
 * @param Request $request
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request)
{
    // The callback is this very URL, stripped of its query string.
    $callbackUri = (string) $request->getAttribute('originalUri', $request->getUri())->withQuery('');

    $twitter = new Twitter([
        'identifier' => $this->settings->get('flarum-auth-twitter.api_key'),
        'secret' => $this->settings->get('flarum-auth-twitter.api_secret'),
        'callback_uri' => $callbackUri,
    ]);

    $session = $request->getAttribute('session');

    $query = $request->getQueryParams();
    $token = array_get($query, 'oauth_token');
    $verifier = array_get($query, 'oauth_verifier');

    if ($token && $verifier) {
        // Second leg: load the temporary credentials saved during the first leg ...
        $stored = unserialize($session->get('temporary_credentials'));

        // ... and trade them for token credentials.
        $tokenCredentials = $twitter->getTokenCredentials($stored, $token, $verifier);

        $twitterUser = $twitter->getUserDetails($tokenCredentials);

        return $this->authResponse->make(
            $request,
            ['twitter_id' => $twitterUser->uid],
            [
                'username' => $twitterUser->nickname,
                'avatarUrl' => str_replace('_normal', '', $twitterUser->imageUrl),
            ]
        );
    }

    // First leg: obtain temporary credentials and remember them.
    $fresh = $twitter->getTemporaryCredentials();

    $session->set('temporary_credentials', serialize($fresh));
    $session->save();

    // Redirect the resource owner to the login screen on the server; the
    // request ends here.
    $twitter->authorize($fresh);
    exit;
}
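/**
 * Handles the login form submission.
 *
 * The form is re-rendered when the CSRF check failed, when validation failed
 * or when the credentials do not match. On success the user id and group id
 * are stored in the session and the client is redirected to the dashboard.
 *
 * Every re-render receives the CSRF name/value pair, as the
 * validation-failure branch already did, so the form always has a token to
 * submit again. The CSRF flash message typo ("faiure") is corrected.
 *
 * NOTE(review): nothing visible here rotates the session identifier after a
 * successful login. Confirm the session wrapper regenerates it, otherwise a
 * pre-set session id survives authentication (session fixation).
 *
 * @param Request $request
 * @param Response $response
 * @param mixed $args Route arguments (unused)
 * @return Response
 */
public function loginPost(Request $request, Response $response, $args)
{
    $identifier = Input::post('identifier');
    $password = Input::post('password');

    $v = new Validator(new User());
    $v->validate([
        'identifier' => [$identifier, 'required|email'],
        'password' => [$password, 'required'],
    ]);

    // Template variables shared by every re-render of the form.
    $context = [
        'errors' => $v->errors(),
        'request' => $request,
        'csrf' => [
            'name' => $request->getAttribute('csrf_name'),
            'value' => $request->getAttribute('csrf_value'),
        ],
    ];

    if ($request->getAttribute('csrf_status') === false) {
        $this->view->render($response, 'login.twig', $context + ['flash' => 'CSRF failure']);

        return $response;
    }

    if (!$v->passes()) {
        $this->view->render($response, 'login.twig', $context);

        return $response;
    }

    $user = User::where('username', $identifier)->orWhere('email', $identifier)->first();

    if ($user && $this->hash->passwordCheck($password, $user->password)) {
        $this->session->set($this->auth['session'], $user->id);
        $this->session->set($this->auth['group'], $user->group_id);

        return $response->withRedirect('dashboard');
    }

    // The same message covers an unknown user and a wrong password, so the
    // response does not reveal which accounts exist.
    $this->view->render(
        $response,
        'login.twig',
        $context + ['flash' => 'Sorry, you couldn\'t be logged in.']
    );

    return $response;
}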
/**
 * Answers a "Read" request with a JSON acknowledgement that echoes the
 * `resource` and `resourceId` request attributes.
 *
 * Resource id 666 is rejected with an ApiProblemException. The check uses a
 * loose comparison, so numeric strings such as "666" match as well.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface $response
 * @param callable|null $next Unused
 * @return JsonResponse
 * @throws ApiProblemException When the resource id equals 666
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null)
{
    $resourceId = $request->getAttribute('resourceId');

    if ($resourceId == 666) {
        throw new ApiProblemException('You had the try huh?', 666);
    }

    $payload = [
        'ack' => time(),
        'action' => 'Read',
        'resource' => $request->getAttribute('resource'),
        'resourceId' => $resourceId,
    ];

    return new JsonResponse($payload);
}
/**
 * Extracts the `todoId` and `description` request attributes.
 *
 * The values are read from the request attributes, not from the query
 * string, and are returned unvalidated.
 *
 * @param ServerRequestInterface $request
 * @return array Map with the keys `todoId` and `description`
 */
public function __invoke(ServerRequestInterface $request)
{
    return [
        'todoId' => $request->getAttribute('todoId'),
        'description' => $request->getAttribute('description'),
    ];
}
/**
 * Renders the password reset form for the token given in the query string.
 *
 * Tokens created more than one day ago are rejected.
 *
 * NOTE(review): the `token` query value is passed to findOrFail() without a
 * type check; a non-string value (e.g. an array from `token[]=`) reaches the
 * lookup as-is. Consider rejecting anything that is not a string first.
 *
 * @param Request $request
 * @return \Illuminate\Contracts\View\View
 * @throws InvalidConfirmationTokenException When the token is older than one day
 */
public function render(Request $request)
{
    $tokenId = array_get($request->getQueryParams(), 'token');

    $passwordToken = PasswordToken::findOrFail($tokenId);

    $oldestAccepted = new DateTime('-1 day');
    if ($passwordToken->created_at < $oldestAccepted) {
        throw new InvalidConfirmationTokenException();
    }

    $session = $request->getAttribute('session');

    return $this->view->make('flarum::reset')
        ->with('translator', $this->translator)
        ->with('passwordToken', $passwordToken->id)
        ->with('csrfToken', $session->get('csrf_token'))
        ->with('error', $session->get('error'));
}
/**
 * Exposes the current CSRF token pair to the view as `csrf`, then hands the
 * request on to the next middleware.
 *
 * The token name and value are read from the request attributes named by the
 * CSRF guard's key getters, so this has to run after the guard has set them.
 *
 * @param ServerRequestInterface $req
 * @param ResponseInterface $res
 * @param callable $next
 * @return mixed Whatever the next middleware returns
 */
public function __invoke(ServerRequestInterface $req, ResponseInterface $res, callable $next)
{
    $nameKey = $this->csrf->getTokenNameKey();
    $valueKey = $this->csrf->getTokenValueKey();

    $this->view['csrf'] = [
        'name_key' => $nameKey,
        'value_key' => $valueKey,
        'name' => $req->getAttribute($nameKey),
        'value' => $req->getAttribute($valueKey),
    ];

    return $next($req, $res);
}
/**
 * Registers the current CSRF token pair as the `csrf` global of the view
 * environment, then continues with the next middleware.
 *
 * The token name and value are read from the request attributes named by the
 * CSRF guard's key getters, so this has to run after the guard has set them.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface $response
 * @param callable $next
 * @return mixed Whatever the next middleware returns
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    $guard = $this->container->csrf;

    $nameKey = $guard->getTokenNameKey();
    $valueKey = $guard->getTokenValueKey();

    $csrf = [
        'keys' => ['name' => $nameKey, 'value' => $valueKey],
        'name' => $request->getAttribute($nameKey),
        'value' => $request->getAttribute($valueKey),
    ];

    $this->container->view->getEnvironment()->addGlobal('csrf', $csrf);

    return $next($request, $response);
}
/**
 * Serves a pre-generated feed file, either the feed of one tag or the
 * global feed, in the requested type (default `rss`).
 *
 * When the file does not exist the request is passed on with a 404 status.
 *
 * NOTE(review): `tag` and `type` are request attributes that flow into the
 * path helpers and into the Content-Type header; this method does not
 * validate them. Confirm the route patterns or the path helpers restrict
 * them to known values so the path cannot leave the feed directory.
 *
 * NOTE(review): the fopen() result is not checked; if the file disappears
 * between file_exists() and fopen(), `false` is handed to Stream.
 *
 * @param Request $req
 * @param Response $res
 * @param callable $next
 * @return Response
 */
public function __invoke(Request $req, Response $res, callable $next) : Response
{
    $tag = $req->getAttribute('tag');
    $type = $req->getAttribute('type', 'rss');

    if ($tag) {
        $path = $this->getTagFeedPath($tag, $type);
    } else {
        $path = $this->getFeedPath($type);
    }

    if (file_exists($path)) {
        $contentType = sprintf('application/%s+xml', $type);

        return $res
            ->withHeader('Content-Type', $contentType)
            ->withBody(new Stream(fopen($path, 'r')));
    }

    return $next($req, $res->withStatus(404), 'Not found');
}
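/**
 * Deletes the comment identified by the `id` attribute when the `secret`
 * attribute matches the configured secret.
 *
 * Changes over the previous version:
 * - The comparison is constant-time (hash_equals) instead of `!==`, so the
 *   response time does not reveal how much of a guess was correct.
 * - The check fails closed: an unset or empty configured secret, or a
 *   missing `secret` attribute, never authorizes a deletion. Before, an
 *   unset secret compared equal to a missing attribute.
 * - The response is returned after a successful deletion instead of
 *   falling off the end of the method.
 *
 * The 400 status and reason phrase are kept for existing clients, although
 * 401 or 403 would describe the failure more accurately.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface $response
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response)
{
    $id = $request->getAttribute('id');
    $secret = $request->getAttribute('secret');

    $configured = $this->secret;

    $authorized = is_string($configured)
        && $configured !== ''
        && is_string($secret)
        && hash_equals($configured, $secret);

    if (!$authorized) {
        return $response->withStatus(400, 'not authenticated');
    }

    $comment = $this->repository->load($id);
    $this->repository->delete($comment);

    return $response;
}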
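/**
 * Deletes one item from a named collection and reports the result as JSON.
 *
 * `$next` is optional in the signature, so it is only invoked when it was
 * actually supplied; before, a call without it failed with an Error that the
 * `\Exception` handler below does not catch.
 *
 * NOTE(review): the attribute `name` is url-decoded here. If the router has
 * already decoded it, this is a second decoding pass and encoded characters
 * can slip past earlier checks; confirm which layer decodes.
 *
 * NOTE(review): the raw exception message is returned to the client, which
 * can disclose storage internals. Consider logging it and answering with a
 * generic message.
 *
 * NOTE(review): no authorization check is visible in this method; confirm it
 * is enforced before this handler runs.
 *
 * @param Request $req
 * @param Response $res
 * @param callable|null $next Receives the request and the JSON response
 * @return mixed The result of $next, or the JSON response itself
 */
public function execute(Request $req, Response $res, callable $next = null)
{
    try {
        $id = $req->getAttribute('id');
        $name = urldecode($req->getAttribute('name'));

        $collection = $this->boot()->get('store')->getCollection($name);

        $result = new JsonResponse([
            'status' => 'ok',
            'data' => $collection->delete($collection->item($id)),
        ]);

        if ($next === null) {
            return $result;
        }

        return $next($req, $result);
    } catch (\Exception $ex) {
        return new JsonResponse(['status' => 'error', 'error' => $ex->getMessage()], 500);
    }
}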
/**
 * Removes one of the current account's profiles from a community.
 *
 * The profile is looked up through the current account by the `profileId`
 * attribute, and its id is passed on together with the `communitySID`
 * attribute. A profile that has already left yields a conflict status.
 *
 * @param ServerRequestInterface $request
 * @param ResponseBuilder $responseBuilder
 * @return ResponseInterface
 */
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
    try {
        $profileId = $request->getAttribute('profileId');
        $communitySID = $request->getAttribute('communitySID');

        // Resolving the profile via the current account ties the id to it.
        $profile = $this->currentAccountService
            ->getCurrentAccount()
            ->getProfileWithId($profileId);

        $this->profileCommunitiesService->leaveCommunity($profile->getId(), $communitySID);

        $responseBuilder->setStatusSuccess();
    } catch (AlreadyLeavedException $e) {
        $responseBuilder->setError($e)->setStatusConflict();
    }

    return $responseBuilder->build();
}
/**
 * Reports whether a feature is activated for a community.
 *
 * The community id and the feature code are read from the `communityId` and
 * `feature` request attributes. An unknown community yields a not-found
 * status.
 *
 * @param ServerRequestInterface $request
 * @param ResponseBuilder $responseBuilder
 * @return ResponseInterface
 */
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
    try {
        $communityId = $request->getAttribute('communityId');
        $featureCode = $request->getAttribute('feature');

        $community = $this->communityService->getCommunityById($communityId);

        $responseBuilder
            ->setStatusSuccess()
            ->setJson([
                'is_feature_activated' => $this->communityFeatureService->isFeatureActivated($featureCode, $community),
            ]);
    } catch (CommunityNotFoundException $e) {
        $responseBuilder->setStatusNotFound()->setError($e);
    }

    return $responseBuilder->build();
}
/**
 * Runs the checks and turns the result collection into a response.
 *
 * A single check can be selected as "filter/label", taken from the query
 * string first and from the request attributes otherwise. When neither
 * source provides both parts, the runner is called with null.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface $response
 * @return mixed The response built by the result response factory
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response)
{
    $query = $request->getQueryParams();

    if (!empty($query['filter']) && !empty($query['label'])) {
        // The query string wins over the route attributes.
        $checkName = sprintf('%s/%s', $query['filter'], $query['label']);
    } elseif (!empty($request->getAttribute('filter')) && !empty($request->getAttribute('label'))) {
        $checkName = sprintf('%s/%s', $request->getAttribute('filter'), $request->getAttribute('label'));
    } else {
        $checkName = null;
    }

    $results = $this->runner->run($checkName);

    return $this->resultResponseFactory->createResponse($request, $results);
}
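/**
 * Builds the upper-case resource name "MODULE_CONTROLLER_ACTION" from the
 * `module`, `controller` and `action` request attributes.
 *
 * Each part is reduced to ASCII letters and digits. An empty string is
 * returned when any part is missing, empty after that reduction, or not
 * convertible to a single string.
 *
 * Changes over the previous version:
 * - All three parts are required to come out as strings; before, only the
 *   controller was checked, so an array-valued module or action reached
 *   sprintf().
 * - The "(@name)" extraction on the module was removed. It ran after the
 *   reduction to letters and digits, so the characters "(@" could never be
 *   present and the branch was unreachable.
 *
 * @param ServerRequestInterface $request
 *
 * @return string
 */
public static function createResource(ServerRequestInterface $request)
{
    $parts = [];

    foreach (['module', 'controller', 'action'] as $attribute) {
        $raw = $request->getAttribute($attribute);
        if ($raw === null) {
            return '';
        }

        // preg_replace() yields an array for an array subject and null on
        // failure; only a non-empty string is an acceptable name part.
        $clean = preg_replace('/[^a-z0-9]+/i', '', $raw);
        if (!is_string($clean) || !$clean) {
            return '';
        }

        $parts[] = $clean;
    }

    return strtoupper(sprintf('%s_%s_%s', $parts[0], $parts[1], $parts[2]));
}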
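/**
 * Allows the request through only when its REQUEST_URI is listed in the
 * permission array stored on the request attribute named by
 * `$this->permissionKey`.
 *
 * The membership test is strict and requires a string URI. With a loose
 * in_array(), a non-string entry in the permission list (such as `true`), or
 * a missing REQUEST_URI compared against an empty entry, could match and
 * grant access.
 *
 * NOTE(review): REQUEST_URI is the raw request target, including the query
 * string, so a permitted path requested with extra parameters is refused.
 * That fails closed; normalise the URI on both sides if path-only matching
 * is intended.
 *
 * @param \Psr\Http\Message\ServerRequestInterface $requestInterface
 * @param \Psr\Http\Message\ResponseInterface $responseInterface
 * @param callable $next
 * @return \Psr\Http\Message\ResponseInterface
 * @throws \Exception When permissions are not loaded or the URI is not permitted
 */
public function __invoke(ServerRequestInterface $requestInterface, ResponseInterface $responseInterface, callable $next)
{
    $permissions = $requestInterface->getAttribute($this->permissionKey);

    if (!is_array($permissions)) {
        throw new \Exception("Permissions Not Loaded");
    }

    $serverParams = $requestInterface->getServerParams();
    $uri = isset($serverParams['REQUEST_URI']) ? $serverParams['REQUEST_URI'] : null;

    if (!is_string($uri) || !in_array($uri, $permissions, true)) {
        throw new \Exception("User does not have permission to view this resource");
    }

    return $next($requestInterface, $responseInterface);
}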
/**
 * Joins one of the current account's profiles to a community and returns the
 * resulting entity as JSON.
 *
 * The profile is looked up through the current account by the `profileId`
 * attribute. A profile that has already joined yields a conflict status, an
 * unknown profile a not-allowed status.
 *
 * @param ServerRequestInterface $request
 * @param ResponseBuilder $responseBuilder
 * @return ResponseInterface
 */
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
    try {
        $profileId = $request->getAttribute('profileId');
        $communitySID = $request->getAttribute('communitySID');

        // Resolving the profile via the current account ties the id to it.
        $profile = $this->currentAccountService
            ->getCurrentAccount()
            ->getProfileWithId($profileId);

        $membership = $this->profileCommunitiesService->joinToCommunity($profile->getId(), $communitySID);

        $responseBuilder
            ->setStatusSuccess()
            ->setJson(['entity' => $membership->toJSON()]);
    } catch (AlreadyJoinedException $e) {
        $responseBuilder->setError($e)->setStatusConflict();
    } catch (ProfileNotFoundException $e) {
        $responseBuilder->setError($e)->setStatusNotAllowed();
    }

    return $responseBuilder->build();
}
/**
 * Invoke middleware.
 *
 * Runs the token validator over every value of the configured header and
 * records the outcome on the request: the validity flag and the collected
 * violations are stored under the class's two attribute names before the
 * next middleware is called.
 *
 * The flag starts from whatever an earlier middleware stored and becomes
 * true as soon as any single header value validates; violations of the
 * other values are still collected. Consumers that need "all tokens valid"
 * have to look at the violations as well.
 *
 * @param ServerRequestInterface $request  request object
 * @param ResponseInterface      $response response object
 * @param callable               $next     next middleware
 *
 * @return ResponseInterface response object
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    $isValid = $request->getAttribute(self::$isValidAttribute, false);
    $violations = $request->getAttribute(self::$violationsAttribute, []);

    $tokens = $request->getHeader($this->headerName);

    foreach ($tokens as $token) {
        $found = call_user_func($this->tokenValidator, $token);

        if (count($found) !== 0) {
            $violations = array_merge($violations, $found);
        } else {
            $isValid = true;
        }
    }

    $annotated = $request
        ->withAttribute(self::$isValidAttribute, $isValid)
        ->withAttribute(self::$violationsAttribute, $violations);

    return $next($annotated, $response);
}
/**
 * Sets the greetings of a profile owned by the current account.
 *
 * Ownership is validated before anything is changed. The `method` request
 * attribute selects both the request object that supplies the parameters and
 * the Greetings variant that is created from them.
 *
 * @param ServerRequestInterface $request
 * @param ResponseBuilder $responseBuilder
 * @return ResponseInterface
 */
public function run(ServerRequestInterface $request, ResponseBuilder $responseBuilder) : ResponseInterface
{
    try {
        $profileId = (int) $request->getAttribute('profileId');

        // Authorization first: the profile has to belong to the caller.
        $account = $this->currentAccountService->getCurrentAccount();
        $target = $this->profileService->getProfileById($profileId);
        $this->validation->validateIsProfileOwnedByAccount($account, $target);

        $method = $request->getAttribute('method');
        $parameters = (array) $this->getRequest($request, $method)->getParameters();

        $greetings = Greetings::createFromMethod($method, $parameters);
        $profile = $this->profileService->setGreetings($profileId, $greetings);

        $responseBuilder
            ->setStatusSuccess()
            ->setJson(['greetings' => $profile->getGreetings()->toJSON()]);
    } catch (ProfileNotFoundException $e) {
        $responseBuilder->setError($e)->setStatusNotFound();
    }

    return $responseBuilder->build();
}
/**
 * Updates a single field of an entity from an inline edit and returns the
 * stored value.
 *
 * The form is filled with the entity's current data, the one field named by
 * the `field` attribute is overwritten with the posted `value`, and the
 * entity is saved only when the whole form validates.
 *
 * NOTE(review): `field` comes from the request and is used directly as a
 * form index; confirm the form only exposes fields the caller may edit.
 *
 * NOTE(review): `htmlValue` is whatever valToHtml() produces; confirm it is
 * escaped before the client inserts it into the page.
 *
 * @param Request $request
 * @param Admin $app
 * @param mixed $entityName
 * @return mixed JSON string on success, a 400 response when validation fails
 */
public function json(Request $request, Admin $app, $entityName)
{
    $id = $request->getAttribute('id');
    $field = $request->getAttribute('field');
    $body = $request->getParsedBody();

    $form = static::createForm($app, $entityName, $id);

    // Start from the stored entity, then apply the single edited field.
    $form['data']->val($app->getEntity($entityName)->read($id));
    $form['data'][$field]->val($body['value']);

    if (!$form->validate()) {
        return Factory::createResponse(400);
    }

    $app->getEntity($entityName)->update($id, $form['data']->val());

    return json_encode([
        'value' => $form['data'][$field]->val(),
        'htmlValue' => $form['data'][$field]->valToHtml(),
    ]);
}
/**
 * {@inheritdoc}
 *
 * Starts a new discussion for the acting user from the `data` member of the
 * request body. The flood check runs unless the request carries a truthy
 * `bypassFloodgate` attribute.
 *
 * NOTE(review): `bypassFloodgate` disables rate limiting; confirm it can
 * only be set by server-side code and never from client input.
 */
protected function data(ServerRequestInterface $request, Document $document)
{
    $actor = $request->getAttribute('actor');

    $skipFloodCheck = $request->getAttribute('bypassFloodgate');
    if (!$skipFloodCheck) {
        $this->floodgate->assertNotFlooding($actor);
    }

    $payload = array_get($request->getParsedBody(), 'data', []);
    $discussion = $this->bus->dispatch(new StartDiscussion($actor, $payload));

    // The author has necessarily seen every post of the discussion they just
    // created, so it is marked as read for them when they are logged in.
    if ($actor->exists) {
        $this->bus->dispatch(new ReadDiscussion($discussion->id, $actor, 1));
    }

    return $discussion;
}
/**
 * Invokes the action that the router stored on the request.
 *
 * An array action is treated as [controller class, method name]: the
 * controller is instantiated with the context, request and response, and the
 * method is called with the route parameters as positional arguments. Any
 * other action is called directly with the parameters.
 *
 * NOTE(review): the class and method names are taken from request
 * attributes and instantiated/called dynamically. That is safe only while
 * the router fills them from static route definitions; confirm no client
 * input can reach these attributes.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface $response
 * @param callable|null $next Unused
 * @return mixed Whatever the action returns
 * @throws \RuntimeException When no action is present on the request
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null)
{
    $action = $request->getAttribute(RouterMiddleware::ACTION_ATTRIBUTE_NAME);
    $parameters = $request->getAttribute(RouterMiddleware::PARAMETERS_ATTRIBUTE_NAME);

    if (!$action) {
        throw new \RuntimeException('Can\'t invoke controller, please check if RouterMiddleware & ControllerMiddleware are configured correctly');
    }

    // Plain callables are invoked as they are.
    if (!is_array($action)) {
        return call_user_func_array($action, $parameters);
    }

    // [class, method]: build the controller, then call the method on it.
    $controllerClass = $action[0];
    $method = $action[1];

    $controller = new $controllerClass($this->context, $request, $response);

    return $controller->{$method}(...array_values($parameters));
}
/**
 * Logs a user in through the token API controller.
 *
 * Only the `identification` and `password` body fields are forwarded. When
 * the controller answers 200, the session is authenticated, a UserLoggedIn
 * event is fired and the remember-me cookie is attached to the response.
 * Any other response is returned untouched.
 *
 * NOTE(review): the decoded body is used without checking that decoding
 * succeeded or that `userId` and `token` are present.
 *
 * @param Request $request
 * @return JsonResponse|EmptyResponse
 */
public function handle(Request $request)
{
    $actor = $request->getAttribute('actor');
    $credentials = array_only($request->getParsedBody(), ['identification', 'password']);

    $response = $this->apiClient->send(TokenController::class, $actor, [], $credentials);

    if ($response->getStatusCode() !== 200) {
        return $response;
    }

    $payload = json_decode($response->getBody());

    $this->authenticator->logIn($request->getAttribute('session'), $payload->userId);

    $accessToken = AccessToken::find($payload->token);

    event(new UserLoggedIn($this->users->findOrFail($payload->userId), $accessToken));

    return $this->rememberer->remember($response, $accessToken);
}
/**
 * Registers a user through the API and logs the new user in.
 *
 * The parsed request body is forwarded as the `attributes` of the
 * create-user payload. When the API response contains `data`, the session
 * is authenticated for the new user id and the remember-me cookie is added.
 *
 * NOTE(review): the whole request body becomes the attribute set; confirm
 * CreateUserController only accepts the attributes a visitor may choose.
 *
 * @param Request $request
 * @return JsonResponse
 */
public function handle(Request $request)
{
    $actor = $request->getAttribute('actor');
    $payload = ['data' => ['attributes' => $request->getParsedBody()]];

    $response = $this->api->send('Flarum\\Api\\Controller\\CreateUserController', $actor, [], $payload);

    $result = json_decode($response->getBody());

    if (!isset($result->data)) {
        return $response;
    }

    $userId = $result->data->id;

    $this->authenticator->logIn($request->getAttribute('session'), $userId);

    return $this->rememberer->rememberUser($response, $userId);
}
/**
 * Resolves the authentication command for the request and runs it.
 *
 * `sign-in`, `sign-up` and `sign-out` are attached directly; each configured
 * OAuth2 provider is attached through a matcher on the `command` and
 * `provider` request attributes. An unknown account yields a not-found
 * response.
 *
 * NOTE(review): answering a missing account with a distinct not-found
 * status can let a caller tell existing accounts from non-existing ones;
 * confirm that is acceptable for the sign-in command.
 *
 * @param Request $request
 * @param Response $response
 * @param callable|null $out Unused
 * @return mixed The response produced by the command or by the builder
 */
public function __invoke(Request $request, Response $response, callable $out = null)
{
    $responseBuilder = new CASSResponseBuilder($response);

    $resolver = $this->commandService->createResolverBuilder()
        ->attachDirect('sign-in', SignInCommand::class)
        ->attachDirect('sign-up', SignUpCommand::class)
        ->attachDirect('sign-out', SignOutCommand::class);

    foreach (self::OAUTH2_PROVIDERS as $provider => $commandClassName) {
        $matchesProvider = function (Request $request) use ($provider) {
            if ($request->getAttribute('command') !== 'oauth') {
                return false;
            }

            return $request->getAttribute('provider') === $provider;
        };

        $resolver->attachCallable($matchesProvider, $commandClassName);
    }

    try {
        $command = $resolver->resolve($request);

        return $command->run($request, $responseBuilder);
    } catch (AccountNotFoundException $e) {
        return $responseBuilder->setStatusNotFound()->build();
    }
}
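/**
 * Returns one item of a named collection, with its labels and properties,
 * as JSON.
 *
 * `$next` is optional in the signature, so it is only invoked when it was
 * actually supplied; before, a call without it failed with an Error that the
 * `\Exception` handler below does not catch.
 *
 * NOTE(review): the attribute `name` is url-decoded here. If the router has
 * already decoded it, this is a second decoding pass and encoded characters
 * can slip past earlier checks; confirm which layer decodes.
 *
 * NOTE(review): the query parameters are echoed back under `__params` and
 * the raw exception message is returned on failure. Both are
 * caller-influenced or internal data; confirm clients treat them as
 * untrusted and consider a generic error message.
 *
 * @param Request $req
 * @param Response $res
 * @param callable|null $next Receives the request and the JSON response
 * @return mixed The result of $next, or the JSON response itself
 */
public function execute(Request $req, Response $res, callable $next = null)
{
    try {
        $id = $req->getAttribute('id');
        $name = urldecode($req->getAttribute('name'));
        $params = $req->getQueryParams();

        $collection = $this->boot()->get('store')->getCollection($name);

        $data = $collection->item($id)->getData();
        $data['@labels'] = $this->boot()->get('store')->getLabels($id);
        $data['@properties'] = $this->boot()->get('store')->getProperties($id);

        $result = new JsonResponse([
            'status' => 'ok',
            '__params' => $params,
            'data' => $data,
        ]);

        if ($next === null) {
            return $result;
        }

        return $next($req, $result);
    } catch (\Exception $ex) {
        return new JsonResponse(['status' => 'error', 'error' => $ex->getMessage()], 500);
    }
}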
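/**
 * Extracts the token from the request.
 *
 * The configured sources are tried in this order: header (first value,
 * matched against the configured regex, capture group 1), query parameter,
 * cookie, route argument. The first non-empty hit is returned.
 *
 * Query and cookie values are only accepted when they are strings. Both can
 * arrive as arrays (e.g. `token[]=...`); returning such a value would hand a
 * non-string to whatever decodes the token.
 *
 * NOTE(review): a token accepted from the query string or a route argument
 * travels in the URL and is likely to end up in access logs, browser
 * history and Referer headers. Prefer the header, and enable the other
 * sources only where that exposure is acceptable.
 *
 * @param Request $request
 * @return mixed The token, a string for every source except the route argument
 * @throws TokenNotFoundException When no configured source yields a token
 */
public function __invoke(Request $request)
{
    /** Check for token on header */
    if (isset($this->options['header']) && $request->hasHeader($this->options['header'])) {
        $header = $request->getHeader($this->options['header'])[0];

        if (preg_match($this->options['regex'], $header, $matches)) {
            return $matches[1];
        }
    }

    /** If nothing on header, try query parameters */
    if (isset($this->options['parameter'])) {
        $queryParams = $request->getQueryParams();
        $name = $this->options['parameter'];

        if (!empty($queryParams[$name]) && is_string($queryParams[$name])) {
            return $queryParams[$name];
        }
    }

    /** If nothing on parameters, try cookies */
    if (isset($this->options['cookie'])) {
        $cookieParams = $request->getCookieParams();
        $name = $this->options['cookie'];

        if (!empty($cookieParams[$name]) && is_string($cookieParams[$name])) {
            return $cookieParams[$name];
        }
    }

    /** If nothing until now, check argument as last try */
    if (isset($this->options['argument'])) {
        if ($route = $request->getAttribute('route')) {
            $argument = $route->getArgument($this->options['argument']);

            if (!empty($argument)) {
                return $argument;
            }
        }
    }

    throw new TokenNotFoundException('Token not found');
}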