protected function getDestinationPath(Uri $baseUri, HttpRequest $request)
{
if (!$request->hasHeader('Destination')) {
throw new BadRequestException();
}
$dest = $request->getHeader('Destination');
if (preg_match("'^(?:https?:)?//'i", $dest)) {
try {
$uri = new Uri($dest);
} catch (\Exception $e) {
throw new BadRequestException($e);
}
if (0 !== strpos((string) $uri, rtrim($baseUri, '/') . '/')) {
throw new WebDavException(WebDav::CODE_BAD_GATEWAY);
}
return Uri::decode(substr($uri->getPath(), strlen(rtrim($baseUri->getPath(), '/') . '/')));
}
if (preg_match("'^/.*'", $dest)) {
$path = '/' . trim($dest, '/');
$base = rtrim('/' . $baseUri->getPath(), '/') . '/';
if (0 !== strpos($path, $base)) {
throw new WebDavException(WebDav::CODE_BAD_GATEWAY);
}
return Uri::decode(substr($path, strlen($base)));
}
throw new BadRequestException();
}
protected function sendRequest(StreamInterface $stream, HttpRequest $request)
{
$chunked = 'chunked' == strtolower(trim($request->getHeader('Transfer-Encoding', '')));
$chunked = $chunked && $request->hasEntity();
$compress = 'gzip' == strtolower(trim($request->getHeader('Content-Encoding', '')));
$this->sendRequestLine($stream, $request);
foreach ($request->getHeaders() as $n => $headers) {
if ($n == 'content-length') {
continue;
}
if (!$chunked && $n == 'transfer-encoding') {
continue;
}
foreach ($headers as $header) {
$stream->write(sprintf("%s: %s\r\n", $header[0], $header[1]));
}
}
$encoded = [];
foreach ($request->getCookies() as $k => $v) {
$encoded[] = Uri::encode($k) . '=' . Uri::encode($v);
}
if (!empty($encoded)) {
$stream->write(sprintf("Cookie: %s\r\n", implode('; ', $encoded)));
}
if (!$chunked) {
$this->sendEntity($stream, $request, $compress);
} else {
$this->sendChunkedEntity($stream, $request, $compress);
}
}
public function getResourcePath(Uri $baseUri, Uri $requestUri)
{
if ($this->path === '') {
return ltrim(substr($requestUri->getPath(false), strlen($baseUri->getPath(false))), '/');
}
if (preg_match("'^/+'", $this->path)) {
return ltrim($this->path, '/');
}
if (preg_match("'^https?://'", $this->path)) {
if (0 !== strpos($this->path, $baseUri)) {
throw new \InvalidArgumentException(sprintf('URI does not refer to this WebDAV share: "%s"', $this->path));
}
return Uri::decode(trim(substr($this->path, strlen($baseUri)), '/'));
}
throw new \InvalidArgumentException(sprintf('Unprocessable tag in list: "%s"', $this->path));
}
/**
* {@inheritdoc}
*/
public function startAuthentication(TokenInterface $token, HttpRequest $request, HttpResponse $response)
{
if (!$token instanceof FormAuthToken) {
throw new SecurityException(sprintf('Invalid token %s passed to %s', get_class($token), get_class($this)));
}
$loginUri = new Uri($this->auth->getLoginUri());
$path = trim($request->getUri()->getPath(false), '/');
$loginPath = trim($loginUri->getPath(false), '/');
$session = $this->securityContext->getSession();
$data = (array) $session->get($this->auth->getKey(), NULL);
// Save the current URI when it is not the login URI.
if ($path !== $loginPath && !array_key_exists(FormAuthenticationProvider::SESSION_URI, $data)) {
$data[FormAuthenticationProvider::SESSION_URI] = (string) $request->getUri();
}
$session->set($this->auth->getKey(), $data);
$response->setStatus(Http::REDIRECT_TEMPORARY);
$response->setReason(Http::getReason(Http::REDIRECT_TEMPORARY));
$response->setHeader('Location', $loginUri);
}
/**
* Get the path info of this request (that is the path starting at the base bath of the front
* controller).
*
* @return string
*/
public function getPathInfo()
{
$path = trim($this->uri->getPath(false), '/');
if ($this->pathBase == '') {
return $path;
}
if ($path == $this->pathBase) {
return '';
}
return preg_replace("'^" . preg_quote($this->pathBase, "'") . "/'i", '', $path);
}
public function buildHttpRequest()
{
try {
$method = $this->getRequestMethod();
$request = new HttpRequest($this->getRequestUri(), $method, $this->getProtocol());
$request->setRawUri($this->getRawRequestUri());
$request->setPathBase(trim($this->getBaseUri()->getPath(false), '/'));
$request->setCookies($this->getCookies());
foreach ($this->getHeaders() as $name => $value) {
$request->setHeader($name, $value);
if ($name == 'content-type') {
$mediaType = $request->getMediaType();
if ($mediaType->is(Http::FORM_ENCODED)) {
if ($method != Http::METHOD_POST) {
$fields = Uri::parseQuery(file_get_contents($this->getInputUrl()));
$request->setEntity(new FormEntity($fields));
} else {
$request->setEntity(new FormEntity($this->getPostParams()));
}
} elseif ($mediaType->is(Http::FORM_MULTIPART_ENCODED)) {
if ($method != Http::METHOD_POST) {
throw new \RuntimeException('Multipart requests must be POST');
}
$request->setEntity(new MultipartFormEntity($this->getPostParams(), $this->getFiles()));
}
}
}
if (!$request->hasEntity()) {
$request->setEntity(new StreamEntity(ResourceInputStream::fromUrl($this->getInputUrl())));
}
} catch (BadRequestException $e) {
throw $e;
} catch (\Exception $e) {
throw new BadRequestException($e);
}
return $request;
}
public function streamResourcePropertyNames(ResourceInterface $resource, XmlStreamWriterInterface $xml, $baseUri)
{
$xml->startElement(WebDav::NS_DAV, 'response');
$xml->writeElement(WebDav::NS_DAV, 'href', $baseUri . Uri::encode($resource->getPath()));
$xml->startElement(WebDav::NS_DAV, 'propstat');
$xml->startElement(WebDav::NS_DAV, 'prop');
$xml->writeElement(WebDav::NS_DAV, 'displayname');
$xml->writeElement(WebDav::NS_DAV, 'getcontenttype');
$xml->writeElement(WebDav::NS_DAV, 'creationdate');
$xml->writeElement(WebDav::NS_DAV, 'getlastmodified');
$xml->writeElement(WebDav::NS_DAV, 'resourcetype');
if (!$resource->isCollection()) {
$xml->writeElement(WebDav::NS_DAV, 'getcontentlength');
$xml->writeElement(WebDav::NS_DAV, 'getetag');
}
$xml->writeElement(WebDav::NS_DAV, 'supported-method-set');
$this->dispatcher->notify(new SerializePropertyNamesEvent($resource, $this->baseUri, $xml));
$xml->endElement();
// D:prop
$xml->writeElement(WebDav::NS_DAV, 'status', 'HTTP/1.1 200 OK');
$xml->endElement();
// D:propstat
$xml->endElement();
// D:response
$xml->flush();
}
/**
* Resolve and replace parameter values in the assembled URI.
*
* @param UriInfo $info
* @param array<string, mixed> $params
* @return UriInfo
*/
protected function resolveParams(UriInfo $info, array $params)
{
$uri = $info->getUri();
if (false === strpos($uri, '{')) {
return $info;
}
$ctx = NULL;
$result = '';
foreach (preg_split("'(\\{[^\\}]+\\})'", $uri, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY) as $part) {
if ('{' != substr($part, 0, 1)) {
$result .= $part;
continue;
}
$placeholder = substr($part, 1, -1);
if ('*' == substr($placeholder, -1)) {
$placeholder = substr($placeholder, 0, -1);
$multi = true;
} else {
$multi = false;
}
switch (substr($placeholder, 0, 1)) {
case '.':
$placeholder = substr($placeholder, 1);
$prefix = '.';
$join = $multi ? '.' : ',';
break;
case '/':
$placeholder = substr($placeholder, 1);
$prefix = '/';
$join = $multi ? '/' : ',';
break;
default:
$prefix = '';
$join = ',';
}
if (false === strpos($placeholder, '.')) {
$value = array_key_exists($placeholder, $params) ? $params[$placeholder] : $this;
} else {
if ($ctx === NULL) {
$ctx = $this->factory->createContext($params);
}
$value = $ctx->resolveValue(explode('.', $placeholder), $this);
}
if ($value === $this) {
$result .= $part;
} elseif (is_array($value) || $value instanceof \Traversable) {
$i = 0;
foreach ($value as $val) {
$result .= ($i++ == 0 ? $prefix : $join) . Uri::encode($val, true);
}
} else {
$result .= $prefix . Uri::encode($value, true);
}
}
return new UriInfo($result, $info->getRouteName(), $info->getMethods(), $info->getHandler());
}
public function toXml(XmlStreamWriterInterface $xml, Uri $baseUri)
{
$xml->startElement(WebDav::NS_DAV, 'activelock');
$xml->startElement(WebDav::NS_DAV, 'lockscope');
$xml->writeElement(WebDav::NS_DAV, $this->isExclusive() ? 'exclusive' : 'shared');
$xml->endElement();
// lockscope
$xml->startElement(WebDav::NS_DAV, 'locktype');
$xml->writeElement(WebDav::NS_DAV, 'write');
$xml->endElement();
// locktype
$xml->writeElement(WebDav::NS_DAV, 'depth', $this->depth);
if ($this->owner != '') {
$xml->startElement(WebDav::NS_DAV, 'owner');
if (preg_match("'^[^:]+://'i", $this->owner)) {
$xml->writeElement(WebDav::NS_DAV, 'href', $this->owner);
} else {
$xml->writeText($this->owner);
}
$xml->endElement();
// owner
}
$seconds = $this->expires->getTimestamp() - time();
$xml->writeElement(WebDav::NS_DAV, 'timeout', 'Second-' . ($seconds < 0 ? 0 : $seconds));
$xml->startElement(WebDav::NS_DAV, 'locktoken');
$xml->writeElement(WebDav::NS_DAV, 'href', 'urn:webdav:lock:' . $this->token);
$xml->endElement();
// locktoken
$xml->startElement(WebDav::NS_DAV, 'lockroot');
$xml->writeElement(WebDav::NS_DAV, 'href', rtrim($baseUri, '/') . Uri::encode($this->rootPath));
$xml->endElement();
// lockroot
$xml->endElement();
// activelock
}
public function send(StreamInterface $stream)
{
$stream->write(Uri::buildQuery($this->fields));
}
public function getFieldValue()
{
$buffer = sprintf('%s=%s', Uri::encode($this->name), Uri::encode($this->value));
$dirs = [];
// Do not send expires=0 because it is not handled correctly by IE!
// Leaving out an expires directive will cause the cookie to be a session cookie.
if ($this->expires !== NULL) {
$dirs['expires'] = $this->expires->format(Http::DATE_COOKIE);
}
$dirs['path'] = $this->path;
$dirs['domain'] = $this->domain;
$dirs['httpOnly'] = $this->httpOnly;
$dirs['secure'] = $this->secure;
$dirs['discard'] = $this->discard;
$dirs['version'] = 1;
$str = Directives::getDirectiveString($dirs, ';', ['domain', 'path']);
return $str == '' ? $buffer : $buffer . '; ' . $str;
}
protected function replaceParams($pattern, array $params)
{
$result = '';
foreach (preg_split("'(\\{(?:(?>[^\\{\\}]+)|(?R))+\\})'S", $pattern, -1, PREG_SPLIT_DELIM_CAPTURE) as $part) {
if (substr($part, 0, 1) == '{') {
$key = substr($part, 1, -1);
if (!array_key_exists($key, $params)) {
throw new \OutOfBoundsException(sprintf('Placeholder value not found: "%s"', $key));
}
$result .= Uri::encode($params[$key]);
} else {
$result .= $part;
}
}
return $result;
}