/**
* @param string $providerName The name of the authentication provider as used in the Settings
* @throws \InvalidArgumentException
* @return Uri
*/
public function getAuthorizationUri($providerName)
{
$providersOptions = $this->getConfiguredOptionsByProviderName($providerName);
$uri = new Uri($providersOptions['authorizationEndpointUri']);
$presentQuery = (string) $uri->getQuery();
$presentQuery = ($presentQuery ? $presentQuery . '&' : '') . http_build_query(array('client_id' => $providersOptions['clientIdentifier'], 'response_type' => $providersOptions['responseType'], 'scope' => implode(' ', $providersOptions['scopes']), 'display' => $providersOptions['display'], 'redirect_uri' => $this->getRedirectionEndpointUri($providerName)));
$uri->setQuery($presentQuery);
return $uri;
}
/**
* @param string $resource
* @param string $method
* @return \TYPO3\Flow\Http\Response
*/
public function query($resource, $method = 'GET')
{
$uri = new Uri($this->endpoint . $resource);
parse_str((string) $uri->getQuery(), $query);
$query['access_token'] = $this->currentAccessToken;
$query['appsecret_proof'] = hash_hmac('sha256', $this->currentAccessToken, $this->appSecret);
$uri->setQuery(http_build_query($query));
$request = Request::create($uri, $method);
$response = $this->requestEngine->sendRequest($request);
return $response;
}
/**
* Tries to detect the base URI of request.
*
* @return void
*/
protected function detectBaseUri()
{
if ($this->baseUri === null) {
$this->baseUri = clone $this->uri;
$this->baseUri->setQuery(null);
$this->baseUri->setFragment(null);
$this->baseUri->setPath($this->getScriptRequestPath());
}
}
/**
* Sets up this test case
*/
public function setUp()
{
$this->routerCachingService = $this->getAccessibleMock(\TYPO3\Flow\Mvc\Routing\RouterCachingService::class, array('dummy'));
$this->mockRouteCache = $this->getMockBuilder(\TYPO3\Flow\Cache\Frontend\VariableFrontend::class)->disableOriginalConstructor()->getMock();
$this->inject($this->routerCachingService, 'routeCache', $this->mockRouteCache);
$this->mockResolveCache = $this->getMockBuilder(\TYPO3\Flow\Cache\Frontend\StringFrontend::class)->disableOriginalConstructor()->getMock();
$this->inject($this->routerCachingService, 'resolveCache', $this->mockResolveCache);
$this->mockPersistenceManager = $this->getMockBuilder(\TYPO3\Flow\Persistence\PersistenceManagerInterface::class)->getMock();
$this->inject($this->routerCachingService, 'persistenceManager', $this->mockPersistenceManager);
$this->mockSystemLogger = $this->getMockBuilder(\TYPO3\Flow\Log\SystemLoggerInterface::class)->getMock();
$this->inject($this->routerCachingService, 'systemLogger', $this->mockSystemLogger);
$this->mockHttpRequest = $this->getMockBuilder(\TYPO3\Flow\Http\Request::class)->disableOriginalConstructor()->getMock();
$this->mockHttpRequest->expects($this->any())->method('getMethod')->will($this->returnValue('GET'));
$this->mockHttpRequest->expects($this->any())->method('getRelativePath')->will($this->returnValue('some/route/path'));
$this->mockUri = $this->getMockBuilder(\TYPO3\Flow\Http\Uri::class)->disableOriginalConstructor()->getMock();
$this->mockUri->expects($this->any())->method('getHost')->will($this->returnValue('subdomain.domain.com'));
$this->mockHttpRequest->expects($this->any())->method('getUri')->will($this->returnValue($this->mockUri));
}
/**
* Sets up this test case
*/
public function setUp()
{
$this->routerCachingService = $this->getAccessibleMock('TYPO3\\Flow\\Mvc\\Routing\\RouterCachingService', array('dummy'));
$this->mockFindMatchResultsCache = $this->getMockBuilder('TYPO3\\Flow\\Cache\\Frontend\\VariableFrontend')->disableOriginalConstructor()->getMock();
$this->routerCachingService->_set('findMatchResultsCache', $this->mockFindMatchResultsCache);
$this->mockResolveCache = $this->getMockBuilder('TYPO3\\Flow\\Cache\\Frontend\\StringFrontend')->disableOriginalConstructor()->getMock();
$this->routerCachingService->_set('resolveCache', $this->mockResolveCache);
$this->mockPersistenceManager = $this->getMockBuilder('TYPO3\\Flow\\Persistence\\PersistenceManagerInterface')->getMock();
$this->routerCachingService->_set('persistenceManager', $this->mockPersistenceManager);
$this->mockSystemLogger = $this->getMockBuilder('TYPO3\\Flow\\Log\\SystemLoggerInterface')->getMock();
$this->routerCachingService->_set('systemLogger', $this->mockSystemLogger);
$this->mockHttpRequest = $this->getMockBuilder('TYPO3\\Flow\\Http\\Request')->disableOriginalConstructor()->getMock();
$this->mockHttpRequest->expects($this->any())->method('getMethod')->will($this->returnValue('GET'));
$this->mockHttpRequest->expects($this->any())->method('getRelativePath')->will($this->returnValue('some/route/path'));
$this->mockUri = $this->getMockBuilder('TYPO3\\Flow\\Http\\Uri')->disableOriginalConstructor()->getMock();
$this->mockUri->expects($this->any())->method('getHost')->will($this->returnValue('subdomain.domain.com'));
$this->mockHttpRequest->expects($this->any())->method('getUri')->will($this->returnValue($this->mockUri));
}
/**
* Renders the HTTP headers - including the status header - of this request
*
* @return string The HTTP headers, one per line, separated by \r\n as required by RFC 2616 sec 5
* @api
*/
public function renderHeaders()
{
$preparedHeaders = array();
$uriPathQueryAndFragment = $this->uri->getPath() . ($this->uri->getQuery() ? '?' . $this->uri->getQuery() : '') . ($this->uri->getFragment() ? '#' . $this->uri->getFragment() : '');
$preparedHeaders[] = sprintf('%s %s HTTP/1.1', $this->method, $uriPathQueryAndFragment);
foreach ($this->headers->getAll() as $name => $values) {
foreach ($values as $value) {
$preparedHeaders[] = $name . ': ' . $value;
}
}
return implode("\r\n", $preparedHeaders) . "\r\n";
}
/**
* Updates the authentication credentials, the authentication manager needs to authenticate this token.
* This could be a username/password from a login controller.
* This method is called while initializing the security context. By returning TRUE you
* make sure that the authentication manager will (re-)authenticate the tokens with the current credentials.
* Note: You should not persist the credentials!
*
* @param \TYPO3\Flow\Mvc\ActionRequest $request The current request instance
* @return boolean TRUE if this token needs to be (re-)authenticated
*/
public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest)
{
$httpRequest = $actionRequest->getHttpRequest();
if ($httpRequest->getMethod() !== 'GET') {
return;
}
// Check if we have a callback request
$arguments = $httpRequest->getArguments();
$accessTokenCipher = \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($arguments, '__flowpack.singlesignon.accessToken');
$signature = \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($arguments, '__flowpack.singlesignon.signature');
if (!empty($accessTokenCipher) && !empty($signature)) {
// Get callback parameters from request
$this->credentials['accessToken'] = base64_decode($accessTokenCipher);
$this->credentials['signature'] = base64_decode($signature);
$this->callbackUri = $actionRequest->getHttpRequest()->getUri();
$arguments = $this->callbackUri->getArguments();
unset($arguments['__flowpack']);
$this->callbackUri->setQuery(http_build_query($arguments));
$this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED);
}
}
/**
* @param string $actionName
* @param array $additionalParameters
*
* @return Uri
*/
protected function buildRequestUri($actionName, array $additionalParameters = [])
{
$requestUri = new Uri($this->apiSettings['apiUrl']);
$requestUri->setPath($requestUri->getPath() . $this->apiSettings['actions'][$actionName]);
$requestUri->setQuery(http_build_query(array_merge($this->apiSettings['parameters'], $additionalParameters)));
return $requestUri;
}
/**
* @test
* @expectedException \InvalidArgumentException
*/
public function settingInvalidHostThrowsException()
{
$uri = new Uri('');
$uri->setHost('an#invalid.host');
}
/**
* @param string|Uri $uri
* @return string
*/
public function getScheme($uri)
{
if ($uri instanceof Uri) {
return $uri->getScheme();
}
if (preg_match(self::PATTERN_SUPPORTED_URIS, $uri, $matches) === 1) {
return $matches[1];
}
return '';
}
/**
* Destroy the given global session
*
* @param \Flowpack\SingleSignOn\Client\Domain\Model\SsoClient $ssoClient
* @param $sessionId
* @return void
*/
public function destroySession(SsoClient $ssoClient, $sessionId)
{
$serviceUri = new Uri($this->serviceBaseUri . '/session/' . urlencode($sessionId) . '/destroy');
$serviceUri->setQuery(http_build_query(array('clientIdentifier' => $ssoClient->getServiceBaseUri())));
$request = \TYPO3\Flow\Http\Request::create($serviceUri, 'DELETE');
$request->setContent('');
$signedRequest = $this->requestSigner->signRequest($request, $ssoClient->getPublicKeyFingerprint(), $ssoClient->getPublicKeyFingerprint());
// TODO Send request asynchronously
$response = $this->requestEngine->sendRequest($signedRequest);
if ($response->getStatusCode() !== 200 && $response->getStatusCode() !== 404) {
throw new Exception('Unexpected status code for destroy session when calling "' . (string) $serviceUri . '": "' . $response->getStatus() . '"', 1354132939);
}
}
/**
* Creates a new Request object from the given data.
*
* @param \TYPO3\Flow\Http\Uri $uri The request URI
* @param string $method Request method, for example "GET"
* @param array $arguments Arguments to send in the request body
* @param array $files
* @param array $server
* @return \TYPO3\Flow\Http\Request
* @throws \InvalidArgumentException
* @api
*/
public static function create(Uri $uri, $method = 'GET', array $arguments = array(), array $files = array(), array $server = array())
{
$get = $uri->getArguments();
$post = $arguments;
$isDefaultPort = $uri->getScheme() === 'https' ? $uri->getPort() === 443 : $uri->getPort() === 80;
$defaultServerEnvironment = array('HTTP_USER_AGENT' => 'Flow/' . FLOW_VERSION_BRANCH . '.x', 'HTTP_HOST' => $uri->getHost() . ($isDefaultPort !== TRUE && $uri->getPort() !== NULL ? ':' . $uri->getPort() : ''), 'SERVER_NAME' => $uri->getHost(), 'SERVER_ADDR' => '127.0.0.1', 'SERVER_PORT' => $uri->getPort() ?: 80, 'REMOTE_ADDR' => '127.0.0.1', 'SCRIPT_FILENAME' => FLOW_PATH_WEB . 'index.php', 'SERVER_PROTOCOL' => 'HTTP/1.1', 'SCRIPT_NAME' => '/index.php', 'PHP_SELF' => '/index.php');
if ($uri->getScheme() === 'https') {
$defaultServerEnvironment['HTTPS'] = 'on';
$defaultServerEnvironment['SERVER_PORT'] = $uri->getPort() ?: 443;
}
if (in_array($method, array('POST', 'PUT', 'DELETE'))) {
$defaultServerEnvironment['HTTP_CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
}
$query = $uri->getQuery();
$fragment = $uri->getFragment();
$overrideValues = array('REQUEST_URI' => $uri->getPath() . ($query !== '' ? '?' . $query : '') . ($fragment !== '' ? '#' . $fragment : ''), 'REQUEST_METHOD' => $method, 'QUERY_STRING' => $query);
$server = array_replace($defaultServerEnvironment, $server, $overrideValues);
return new static($get, $post, $files, $server);
}
