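/**
 * Starts authentication at the first entry point that can forward the current request.
 *
 * Iterates over the authentication tokens of the security context. For the first
 * token whose entry point accepts the request, the root request is stored as the
 * intercepted request, authentication is started and the action is stopped.
 * For a WebRedirect entry point the current request URI is appended to the
 * configured target URI as the "_redirect" query parameter.
 *
 * @return void
 * @throws \TYPO3\FLOW3\MVC\Exception\StopActionException after an entry point has started authentication
 * @throws \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException if no token offers a usable entry point
 */
public function redirectToLogin() {
	foreach ($this->securityContext->getAuthenticationTokens() as $token) {
		if (!is_object($token)) {
			continue;
		}
		$entryPoint = $token->getAuthenticationEntryPoint();
		if ($entryPoint === NULL || !$entryPoint->canForward($this->request)) {
			continue;
		}

		if ($entryPoint instanceof \TYPO3\FLOW3\Security\Authentication\EntryPoint\WebRedirect) {
			$options = $entryPoint->getOptions();
			if (isset($options['uri'])) {
				// A configured URI may already carry a query string; a second "?" would
				// fold "_redirect" into the previous parameter's value.
				$separator = (strpos($options['uri'], '?') === FALSE) ? '?' : '&';
				// NOTE(review): "_redirect" is taken from the current request. The code that
				// consumes it after login is not visible here; it should only accept local
				// targets, otherwise this parameter becomes an open redirect.
				$options['uri'] .= $separator . '_redirect=' . urlencode($this->request->getRequestUri());
				$entryPoint->setOptions($options);
			}
			// Without a configured URI the options are left untouched, so the entry point
			// sees its configuration as it is instead of a bare "?_redirect=..." target.
			// NOTE(review): the logged URI embeds the full request URI, including its query
			// string; confirm that no secrets travel in query parameters.
			$this->securityLogger->log('Redirecting to authentication entry point with URI ' . (isset($options['uri']) ? $options['uri'] : '- undefined -'), LOG_INFO);
		} else {
			$this->securityLogger->log('Starting authentication with entry point of type ' . get_class($entryPoint), LOG_INFO);
		}

		// Authentication always runs against the root request, also when triggered from a sub request.
		$rootRequest = $this->request;
		if ($this->request instanceof \TYPO3\FLOW3\MVC\Web\SubRequest) {
			$rootRequest = $this->request->getRootRequest();
		}
		$this->securityContext->setInterceptedRequest($rootRequest);
		$entryPoint->startAuthentication($rootRequest, $this->response);
		throw new \TYPO3\FLOW3\MVC\Exception\StopActionException();
	}

	// Only reached when no token provided an entry point that can forward the request:
	// the loop leaves through the StopActionException as soon as one is used.
	$this->securityLogger->log('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', LOG_NOTICE);
	throw new \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', 1317309673);
}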
/**
 * Runs the dispatch loop until the request reports that it has been dispatched.
 *
 * Every pass resolves a controller for the current request and lets it process
 * the request. A StopActionException ends the pass: a ForwardException switches
 * to the request it carries, any other stop on a non-main request continues
 * with the parent request.
 *
 * @param \TYPO3\FLOW3\Mvc\RequestInterface $request The request to dispatch
 * @param \TYPO3\FLOW3\Mvc\ResponseInterface $response The response, to be modified by the controller
 * @return void
 * @throws \TYPO3\FLOW3\Mvc\Exception\InfiniteLoopException
 * @api
 */
public function dispatch(RequestInterface $request, ResponseInterface $response) {
	$passes = 0;
	while (!$request->isDispatched()) {
		$passes++;
		// Upper bound on forward chains: the 101st pass aborts instead of looping forever.
		if ($passes > 100) {
			throw new \TYPO3\FLOW3\Mvc\Exception\InfiniteLoopException('Could not ultimately dispatch the request after ' . $passes . ' iterations.', 1217839467);
		}

		$controller = $this->resolveController($request);
		try {
			$this->emitBeforeControllerInvocation($request, $response, $controller);
			$controller->processRequest($request, $response);
			$this->emitAfterControllerInvocation($request, $response, $controller);
		} catch (StopActionException $exception) {
			// The "after" signal is also emitted when the action was stopped, so its
			// listeners cannot assume that the controller ran to completion.
			$this->emitAfterControllerInvocation($request, $response, $controller);

			if ($exception instanceof ForwardException) {
				$request = $exception->getNextRequest();
				continue;
			}
			if ($request->isMainRequest() === FALSE) {
				$request = $request->getParentRequest();
			}
		}
	}
}
/**
 * Matches a \TYPO3\FLOW3\Mvc\RequestInterface against the CSRF rules: the pattern
 * matches when a protected action is called without a CSRF token or with one the
 * security context does not accept.
 *
 * The check only applies when all of the following hold:
 *  - the authentication manager reports an authenticated session,
 *  - the policy service has an entry for the targeted controller action,
 *  - the action method is not tagged with "skipcsrfprotection".
 * Requests outside these conditions never match. Neither the HTTP method nor
 * unauthenticated requests are considered here.
 *
 * @param \TYPO3\FLOW3\Mvc\RequestInterface $request The request that should be matched
 * @return boolean TRUE if the pattern matched, FALSE otherwise
 * @throws \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException
 */
public function matchRequest(\TYPO3\FLOW3\Mvc\RequestInterface $request) {
	if ($this->authenticationManager->isAuthenticated() === FALSE) {
		return FALSE;
	}

	$controllerClassName = $this->objectManager->getClassNameByObjectName($request->getControllerObjectName());
	$actionName = $request->getControllerActionName() . 'Action';

	$isProtectedAction = $this->policyService->hasPolicyEntryForMethod($controllerClassName, $actionName)
		&& !$this->reflectionService->isMethodTaggedWith($controllerClassName, $actionName, 'skipcsrfprotection');
	if (!$isProtectedAction) {
		return FALSE;
	}

	$internalArguments = $request->getInternalArguments();
	if (!isset($internalArguments['__csrfToken'])) {
		// A protected action called without any token counts as a match.
		return TRUE;
	}
	// NOTE(review): the token is request input and is passed on without a type check;
	// confirm that isCsrfProtectionTokenValid() copes with non-string values.
	$csrfToken = $internalArguments['__csrfToken'];

	if (!$this->securityContext->hasCsrfProtectionTokens()) {
		// NOTE(review): code 1317309673 is also used by the "No authentication entry point
		// found" exception in redirectToLogin(), so the code alone does not tell them apart.
		throw new \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException('No tokens in security context, possible session timeout', 1317309673);
	}

	return $this->securityContext->isCsrfProtectionTokenValid($csrfToken) === FALSE;
}
/**
 * Matches the path of the request's URI against the configured URI pattern.
 *
 * The pattern is used as a regular expression, wrapped in "/^" and "$/" without
 * any quoting.
 *
 * NOTE(review), relevant when this pattern guards access:
 *  - A top-level alternation is only partly anchored: "a|b" becomes /^a|b$/,
 *    which matches anything starting with "a" or ending with "b".
 *  - "$" also matches in front of a trailing newline. Whether a path can end
 *    in one depends on getPath(), which is not visible here.
 *  - A "/" inside the pattern has to be escaped before it gets here, otherwise
 *    the expression is invalid.
 *  - preg_match() returns FALSE for an invalid expression, which this method
 *    reports as "no match" - a broken pattern silently never matches.
 *
 * @param \TYPO3\FLOW3\Mvc\RequestInterface $request The request that should be matched
 * @return boolean TRUE if the pattern matched, FALSE otherwise
 */
public function matchRequest(\TYPO3\FLOW3\Mvc\RequestInterface $request) {
	$expression = '/^' . $this->uriPattern . '$/';
	$path = $request->getHttpRequest()->getUri()->getPath();

	// preg_match() yields 1 for a match, 0 for none and FALSE on error.
	return preg_match($expression, $path) === 1;
}
/**
 * Fetches the controller object responsible for the given request.
 *
 * If the request carries an empty controller object name, the controller
 * configured in settings['mvc']['notFoundController'] is fetched instead and
 * handed an InvalidControllerException describing the problem.
 *
 * NOTE(review): in both branches the object is fetched from the object manager
 * first and type-checked afterwards. How the controller object name is derived
 * from the request is not visible here; if request input can steer it, the
 * instanceof check comes only after the object manager was asked for the object.
 * The exception messages contain the object name and the class of what was found.
 *
 * @param \TYPO3\FLOW3\Mvc\RequestInterface $request The request to dispatch
 * @return \TYPO3\FLOW3\Mvc\Controller\ControllerInterface
 * @throws \TYPO3\FLOW3\Mvc\Controller\Exception\InvalidControllerException
 */
protected function resolveController(\TYPO3\FLOW3\Mvc\RequestInterface $request) {
	$controllerObjectName = $request->getControllerObjectName();

	if ($controllerObjectName === '') {
		$resolveFailure = new \TYPO3\FLOW3\Mvc\Controller\Exception\InvalidControllerException('No controller could be resolved which would match your request', 1303209195, NULL, $request);

		$notFoundController = $this->objectManager->get($this->settings['mvc']['notFoundController']);
		if (!($notFoundController instanceof \TYPO3\FLOW3\Mvc\Controller\NotFoundControllerInterface)) {
			$given = is_object($notFoundController) ? get_class($notFoundController) : gettype($notFoundController);
			throw new \TYPO3\FLOW3\Mvc\Controller\Exception\InvalidControllerException('The NotFoundController must implement "\\TYPO3\\FLOW3\\Mvc\\Controller\\NotFoundControllerInterface", ' . $given . ' given.', 1246714416, NULL, $request);
		}
		$notFoundController->setException($resolveFailure);
		return $notFoundController;
	}

	$controller = $this->objectManager->get($controllerObjectName);
	if (!($controller instanceof \TYPO3\FLOW3\Mvc\Controller\ControllerInterface)) {
		$given = is_object($controller) ? get_class($controller) : gettype($controller);
		throw new \TYPO3\FLOW3\Mvc\Controller\Exception\InvalidControllerException('Invalid controller "' . $request->getControllerObjectName() . '". The controller must be a valid request handling controller, ' . $given . ' given.', 1202921619, NULL, $request);
	}
	return $controller;
}
/**
 * Matches the controller object name of the request against the configured
 * controller object name pattern.
 *
 * Every backslash in the pattern is doubled before it is wrapped in "/^" and
 * "$/", so namespace separators are matched literally. As a consequence the
 * pattern cannot contain regex escapes such as "\." - an unescaped "." keeps
 * matching any character.
 *
 * NOTE(review), relevant when this pattern guards access:
 *  - A top-level alternation is only partly anchored: "A|B" becomes /^A|B$/,
 *    which matches any name starting with "A" or ending with "B".
 *  - preg_match() returns FALSE for an invalid expression, which this method
 *    reports as "no match" - a broken pattern silently never matches.
 *
 * @param \TYPO3\FLOW3\Mvc\RequestInterface $request The request that should be matched
 * @return boolean TRUE if the pattern matched, FALSE otherwise
 */
public function matchRequest(\TYPO3\FLOW3\Mvc\RequestInterface $request) {
	// Turn each single backslash into an escaped one for the regular expression.
	$quotedPattern = strtr($this->controllerObjectNamePattern, array('\\' => '\\\\'));
	$expression = '/^' . $quotedPattern . '$/';

	// preg_match() yields 1 for a match, 0 for none and FALSE on error.
	return preg_match($expression, $request->getControllerObjectName()) === 1;
}