/**
 * Create script HTML, substituting a legacy jQuery build for old IE.
 *
 * When the item has a non-empty `src` attribute and the request's User-Agent
 * contains "MSIE 8.0" or "MSIE 7.0", a `src` of `vendor/jquery.min.js` is
 * replaced with `vendor/jquery-1.12.1.min.js` before delegating to the parent.
 *
 * The User-Agent value is client-supplied. In this method it only selects
 * between two fixed script paths and is never copied into the item.
 *
 * @param mixed  $item        Item to convert
 * @param string $indent      String to add before the item
 * @param string $escapeStart Starting sequence
 * @param string $escapeEnd   Ending sequence
 *
 * @return string
 */
public function itemToString($item, $indent, $escapeStart, $escapeEnd)
{
    if (empty($item->attributes['src'])) {
        return parent::itemToString($item, $indent, $escapeStart, $escapeEnd);
    }

    // getHeader() is compared against false here, i.e. "header not present".
    $header = $this->request->getHeader('User-Agent');
    $userAgent = '';
    if ($header !== false) {
        $userAgent = $header->toString();
    }

    $isLegacyIe = strstr($userAgent, 'MSIE 8.0') || strstr($userAgent, 'MSIE 7.0');
    if ($isLegacyIe && $item->attributes['src'] == 'vendor/jquery.min.js') {
        $item->attributes['src'] = 'vendor/jquery-1.12.1.min.js';
    }

    return parent::itemToString($item, $indent, $escapeStart, $escapeEnd);
}
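/**
 * Authenticate a request from its `xapiuser` / `xapikey` headers.
 *
 * The user name is looked up in $this->userConfig['users'] and the configured
 * key is compared with the presented one using hash_equals(), so the duration
 * of the comparison does not depend on how many leading bytes match.
 *
 * @param Request      $request
 * @param Response     $response
 * @param MvcAuthEvent $mvcAuthEvent
 * @return bool|AuthenticatedIdentity False when either header is missing, the
 *                                    user is not configured, or the key does
 *                                    not match.
 */
public function authenticate(Request $request, Response $response, MvcAuthEvent $mvcAuthEvent)
{
    $apiUser = $request->getHeader('xapiuser', null);
    $apiKey  = $request->getHeader('xapikey', null);

    if (null === $apiKey || null === $apiUser) {
        return false;
    }

    $userName = $apiUser->getFieldValue();
    if (!array_key_exists($userName, $this->userConfig['users'])) {
        return false;
    }

    $expectedKey  = $this->userConfig['users'][$userName];
    $presentedKey = $apiKey->getFieldValue();

    // hash_equals() only accepts strings. Rejecting anything else keeps the
    // outcome of the previous strict comparison, assuming getFieldValue()
    // returns a string (TODO confirm).
    if (!is_string($expectedKey) || !is_string($presentedKey)) {
        return false;
    }

    if (hash_equals($expectedKey, $presentedKey)) {
        // NOTE(review): the returned identity is built from an empty Identity
        // and does not record which configured user matched. Confirm that
        // downstream authorization does not need the user name.
        return new AuthenticatedIdentity(new Identity());
    }

    return false;
}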
/**
 * Get the API version from the Accept header.
 *
 * Looks for a media type of the form `application/vnd.apigility.v<N>+json`
 * anywhere in the header value and returns N. Falls back to 1 when the header
 * is absent or nothing matches.
 *
 * @param Request $request
 * @return integer
 */
protected function getVersion(Request $request)
{
    $header = $request->getHeader('Accept', false);

    if ($header) {
        $found = preg_match(
            '/application\\/vnd\\.apigility\\.v(\\d+)\\+json/',
            $header->getFieldValue(),
            $groups
        );
        if ($found) {
            // NOTE(review): the digits are whatever the client sent. Confirm
            // that callers reject version numbers they do not serve.
            return (int) $groups[1];
        }
    }

    return 1;
}
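/**
 * Determine if the incoming request provides either basic or digest
 * credentials.
 *
 * Reads the Authorization header, derives the scheme through
 * getTypeFromAuthorizationHeader(), and accepts it only if it is one of
 * $this->authorizationTokenTypes.
 *
 * @param Request $request
 * @return false|string The recognised scheme, or false when the header is
 *                      missing or the scheme is not an accepted type.
 */
public function getTypeFromRequest(Request $request)
{
    $authorization = $request->getHeader('Authorization');
    if (!$authorization) {
        return false;
    }

    $headerValue = trim($authorization->getFieldValue());
    $type = $this->getTypeFromAuthorizationHeader($headerValue);

    // Strict membership test: the scheme decides which authentication path
    // runs, so it must not be accepted through loose type juggling.
    // Presumably authorizationTokenTypes holds strings (verify against the
    // property declaration).
    if (!is_string($type) || !in_array($type, $this->authorizationTokenTypes, true)) {
        return false;
    }

    return $type;
}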
/**
 * Each accessor must hand back the caller-supplied default, unchanged in
 * value and type, when the requested key is absent.
 */
public function testParameterRetrievalDefaultValue()
{
    $params = new \Zend\Stdlib\Parameters(array('foo' => 'bar'));

    $request = new Request();
    $request->setQuery($params);
    $request->setPost($params);
    $request->setFiles($params);

    $fallback = 15;

    // Same accessors, in the same order, each asked for a key that was never set.
    $accessors = array('getQuery', 'getPost', 'getFiles', 'getHeaders', 'getHeader');
    foreach ($accessors as $accessor) {
        $this->assertSame($fallback, $request->$accessor('baz', $fallback));
    }
}
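/**
 * Check if request came from IE < 10 and too large CSS (> 4095 selectors).
 * Split if necessary.
 *
 * The User-Agent header is client-supplied. Here it only decides whether the
 * split branch runs. Every filesystem path is built from $details and the
 * cache directory, never from the request.
 *
 * NOTE(review): $details['theme'] and basename($details['path']) are
 * interpolated into paths under the cache directory. Presumably they come
 * from theme configuration; confirm they can never be request-derived.
 *
 * NOTE(review): the staleness check runs before the lock is taken, so two
 * concurrent requests may both decide to rebuild the parts.
 *
 * @param \stdClass $item    data item
 * @param array     $details Theme item details ('path' and 'theme' are read)
 *
 * @return string Markup for the split parts joined by newlines, or '' when
 *                the file is missing/small or the client is not IE 7-9.
 */
protected function splitCssForIe(\stdClass $item, $details)
{
    $file = $details['path'];

    // Return right away if the file doesn't exist or is too small to
    // be a problem, hopefully
    if (!file_exists($file) || filesize($file) < 65535) {
        return '';
    }

    $ua = $this->request->getHeader('User-Agent');
    $agent = is_object($ua) ? $ua->toString() : '';
    $isOldIe = strstr($agent, 'MSIE 9.0')
        || strstr($agent, 'MSIE 8.0')
        || strstr($agent, 'MSIE 7.0');
    if (!$isOldIe) {
        return '';
    }

    $theme = $details['theme'];
    $basename = basename($file);
    $fileTime = filemtime($file);
    $cache = $this->cacheManager->getCache('stylesheet')->getOptions()->getCacheDir();
    $themeDir = "{$cache}/{$theme}";
    $firstPart = "{$themeDir}/{$basename}_part1.css";

    if (!file_exists($firstPart) || filemtime($firstPart) < $fileTime) {
        // Populate cache
        if (!is_dir($themeDir)) {
            mkdir($themeDir);
        }
        $handle = $this->acquireLock("{$themeDir}/lockfile");
        try {
            array_map('unlink', glob("{$themeDir}/{$basename}_*") ?: []);
            $css = file_get_contents($file);
            $splitter = new \CssSplitter\Splitter($css);
            $selectorCount = $splitter->countSelectors();
            $partCount = ceil($selectorCount / 4095);
            for ($part = 1; $part <= $partCount; $part++) {
                file_put_contents(
                    "{$themeDir}/{$basename}_part{$part}.css",
                    $splitter->split(null, $part)
                );
            }
        } finally {
            // Release the lock even if splitting throws, so a failed rebuild
            // cannot leave the lock held for later requests.
            $this->releaseLock($handle);
        }
    }

    $result = [];
    $urlHelper = $this->getView()->plugin('url');
    // glob() returns false on error; treat that as "no parts", matching the
    // guard already used for the unlink pass above.
    $files = glob("{$themeDir}/{$basename}_part*") ?: [];
    foreach ($files as $css) {
        $url = $urlHelper('home') . "themes/{$theme}/css/" . basename($css);
        // Cache-busting parameter: the part file's modification time.
        $url .= strstr($url, '?') ? '&_=' : '?_=';
        $url .= filemtime($css);
        $item->href = $url;
        $result[] = parent::itemToString($item);
    }

    return implode("\n", $result);
}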
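/**
 * {@inheritdoc}
 *
 * Checks an HTTP Basic `Authorization` header against the client's id and
 * configured secret. The expected value is base64("<client id>:<secret>"),
 * and it is compared with the received value using hash_equals() so the
 * comparison time does not reveal how many leading characters matched.
 *
 * NOTE(review): if getOption(self::AUTH_OPTION_SECRET) can return null or an
 * empty string, the expected value becomes base64("<client id>:"). Confirm
 * that clients without a configured secret are rejected before this point.
 *
 * @see \InoOicServer\Client\Authentication\Method\MethodInterface::authenticate()
 */
public function authenticate(Client\Authentication\Info $info, Http\Request $httpRequest)
{
    /* @var $httpRequest \Zend\Http\Request */
    $authorizationHeader = $httpRequest->getHeader('Authorization');
    if (!$authorizationHeader) {
        return $this->createFailureResult('Missing authorization header');
    }

    $value = $authorizationHeader->getFieldValue();
    $parts = explode(' ', $value);
    if ('basic' !== trim(strtolower($parts[0]))) {
        // NOTE(review): $parts[0] is client-supplied and ends up in the
        // failure message. Confirm it is escaped wherever that message is
        // rendered or logged.
        return $this->createFailureResult(sprintf("Unsupported authorization '%s'", $parts[0]));
    }

    if (!isset($parts[1])) {
        return $this->createFailureResult('Missing authorization hash');
    }

    $receivedHash = trim($parts[1]);
    $clientHash = base64_encode(
        sprintf("%s:%s", $info->getClientId(), $info->getOption(self::AUTH_OPTION_SECRET))
    );

    // Known value first, user-supplied value second, as hash_equals() expects.
    if (!hash_equals($clientHash, $receivedHash)) {
        return $this->createFailureResult('Invalid authorization');
    }

    return $this->createSuccessResult();
}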
/**
 * Choose the response model for an HTTP request from its Accept header.
 *
 * A request without an Accept header is treated as accepting HTML. JSON is
 * returned only when the header does not match HTML and does match JSON;
 * every other combination gets the HTML view.
 *
 * @param Request    $request
 * @param Collection $results
 * @return ViewModel|JsonModel
 */
private function processHttpRequest(Request $request, Collection $results)
{
    $fallbackAccept = new Accept();
    $fallbackAccept->addMediaType(self::CONTENT_TYPE_HTML);

    $accept = $request->getHeader('Accept', $fallbackAccept);

    $wantsJsonOnly = !$accept->match(self::CONTENT_TYPE_HTML)
        && $accept->match(self::CONTENT_TYPE_JSON);

    if ($wantsJsonOnly) {
        return new JsonModel($this->getResultCollectionToArray($results));
    }

    // Display results as a web page
    return new ViewModel(array('results' => $results));
}
/**
 * With no Authorization header on the request, createToken() must still
 * produce a Token, built from the `token` query parameter.
 *
 * @param \Zend\Http\Request $request
 */
public function it_should_fall_back_on_query_token_when_no_authentication_header_is_available($request)
{
    $queryToken = ['token' => 'user_token_id', 'auth' => 'encrypted_auth'];

    // Header lookup yields nothing; the query string carries the token data.
    $request->getHeader('Authorization')->willReturn(null);
    $request->getQuery('token', [])->willReturn($queryToken);

    $this->setRequest($request);

    $expectedClass = 'Phpro\\MvcAuthToken\\Token';
    $this->createToken()->shouldReturnAnInstanceOf($expectedClass);
}
/**
 * Parse request
 *
 * Stores the request and response on the instance, sets the response
 * Content-Type to static::$responseMime with a UTF-8 charset, then checks the
 * Accept header. The request is accepted when one of its comma-separated
 * entries is static::$requestMime or the full wildcard media type, optionally
 * followed by `;parameters`.
 *
 * @param \Zend\Http\Request  $request
 * @param \Zend\Http\Response $response
 * @return string|null $error self::INVALID_REQUEST on failure, null on success
 */
public function parse(Request $request, Response $response)
{
    $this->request  = $request;
    $this->response = $response;

    $contentType = static::$responseMime . '; charset=utf-8';
    $response->getHeaders()->addHeaderLine('Content-Type', $contentType);

    $accept = $request->getHeader('Accept');
    if (empty($accept)) {
        return self::INVALID_REQUEST;
    }

    // NOTE(review): static::$requestMime goes into the pattern unquoted, while
    // the wildcard alternative is passed through preg_quote(). If it is a
    // literal MIME type, its '.' and '+' act as regex metacharacters. Confirm
    // whether it is meant to be a pattern.
    $alternatives = implode('|', array(static::$requestMime, preg_quote('*/*', '#')));
    $pattern = '#^(' . $alternatives . ')(;.*)?$#';

    $acceptTypes = explode(',', $accept->getFieldValue());
    foreach ($acceptTypes as $acceptType) {
        if (preg_match($pattern, trim($acceptType))) {
            return null;
        }
    }

    return self::INVALID_REQUEST;
}
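/**
 * Get a single value for the "Access-Control-Allow-Origin" header
 *
 * According to the spec, it is not valid to set multiple origins separated by
 * commas. The only accepted values are the wildcard ("*"), an exact origin or
 * the string "null".
 *
 * Configured origins are matched with fnmatch() and no flags, so a `*` inside
 * a configured pattern matches any run of characters, including '.' and '/'.
 * Patterns should therefore pin the scheme and the full domain suffix.
 *
 * NOTE(review): when a specific origin is echoed back, the response should
 * also vary on Origin so shared caches do not serve it to other origins.
 * Confirm the caller sets that header.
 *
 * @link http://www.w3.org/TR/cors/#access-control-allow-origin-response-header
 * @param HttpRequest $request
 * @return string "*", the request's origin when it matches a configured
 *                pattern, or "null" otherwise (including when the request has
 *                no Origin header).
 */
protected function getAllowedOriginValue(HttpRequest $request)
{
    $allowedOrigins = $this->options->getAllowedOrigins();

    if (in_array('*', $allowedOrigins, true)) {
        return '*';
    }

    // A request without an Origin header previously caused a method call on
    // a non-object. Treat it as "no origin allowed" instead.
    $originHeader = $request->getHeader('Origin');
    if (!$originHeader) {
        return 'null';
    }

    $origin = $originHeader->getFieldValue();

    foreach ($allowedOrigins as $allowedOrigin) {
        if (fnmatch($allowedOrigin, $origin)) {
            return $origin;
        }
    }

    return 'null';
}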
/**
 * Returns the required HTTP header.
 *
 * Thin pass-through to the wrapped HTTP request's getHeader(). The result is
 * returned untouched, so callers must handle the "header absent" value
 * themselves.
 *
 * @param string $name Header name to look up
 * @return \Zend\Http\Header\HeaderInterface|\ArrayIterator|null
 */
protected function _getHeader($name)
{
    $header = $this->httpRequest->getHeader($name);

    return $header;
}
/**
 * Attempt to authenticate the current request.
 *
 * A request with no Authorization header is not a failure: it yields a
 * GuestIdentity. Otherwise the HTTP auth adapter is run through the
 * authentication service, the result is recorded on the event, and a valid
 * result is wrapped in an AuthenticatedIdentity.
 *
 * @param Request      $request
 * @param Response     $response
 * @param MvcAuthEvent $mvcAuthEvent
 * @return false|Identity\IdentityInterface False on failure, IdentityInterface
 *                                          otherwise
 */
public function authenticate(Request $request, Response $response, MvcAuthEvent $mvcAuthEvent)
{
    $hasCredentials = (bool) $request->getHeader('Authorization', false);
    if (!$hasCredentials) {
        // No credentials were present at all, so we just return a guest identity.
        return new Identity\GuestIdentity();
    }

    $this->httpAuth->setRequest($request);
    $this->httpAuth->setResponse($response);

    $authResult = $this->authenticationService->authenticate($this->httpAuth);
    $mvcAuthEvent->setAuthenticationResult($authResult);

    if (!$authResult->isValid()) {
        return false;
    }

    $rawIdentity = $authResult->getIdentity();

    // Pass fully discovered identity to AuthenticatedIdentity instance
    $identity = new Identity\AuthenticatedIdentity($rawIdentity);

    // But determine the name separately: a scalar identity is the name
    // itself. An array identity contributes its 'username' entry or,
    // failing that, its first element cast to string.
    if (!is_array($rawIdentity)) {
        $name = $rawIdentity;
    } elseif (isset($rawIdentity['username'])) {
        $name = $rawIdentity['username'];
    } else {
        $name = (string) array_shift($rawIdentity);
    }

    $identity->setName($name);

    return $identity;
}
/**
 * Negotiates the request payload.
 *
 * When the HTTP request has both a non-empty body and a Content-Type header,
 * the body is decoded by the 'BedRest.ContentNegotiator' service and stored
 * on the REST request together with the content type. Otherwise nothing is
 * set. Body and content type are both client-supplied, and the declared
 * content type is what the negotiator is given to choose how to decode.
 *
 * NOTE(review): the header's `value` property is read directly, and the
 * header object itself (not a string) is passed to setContentType(). Confirm
 * both are intended.
 *
 * @param \BedRest\Rest\Request\Request                $restRequest
 * @param \Zend\Http\Request                           $httpRequest
 * @param \Zend\ServiceManager\ServiceLocatorInterface $serviceLocator
 */
protected function negotiateContent(RestRequest $restRequest, HttpRequest $httpRequest, ServiceLocatorInterface $serviceLocator)
{
    $body = $httpRequest->getContent();
    $contentTypeHeader = $httpRequest->getHeader('Content-Type');

    // empty() also treats the string "0" as empty, so such a body is skipped.
    if (empty($body) || empty($contentTypeHeader)) {
        return;
    }

    /** @var \BedRest\Content\Negotiation\Negotiator $negotiator */
    $negotiator = $serviceLocator->get('BedRest.ContentNegotiator');
    $decoded = $negotiator->decode($body, $contentTypeHeader->value);

    $restRequest->setContent($decoded);
    $restRequest->setContentType($contentTypeHeader);
}