/**
* Handles request in order to authenticate.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The request instance
* @param \AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface $servletResponse The response instance
*
* @return boolean TRUE if the authentication has been successful, else FALSE
*
* @throws \Exception
*/
public function handleRequest(HttpServletRequestInterface $servletRequest, HttpServletResponseInterface $servletResponse)
{
// iterate over all servlets and return the matching one
/**
* @var string $urlPattern
* @var \AppserverIo\Http\Authentication\AuthenticationInterface $authenticationAdapter
*/
foreach ($this->authenticationAdapters as $urlPattern => $authenticationAdapter) {
// we'll match our URI against the URL pattern
if (fnmatch($urlPattern, $servletRequest->getServletPath() . $servletRequest->getPathInfo())) {
// the URI pattern matches, init the adapter and try to authenticate
// check if auth header is not set in coming request headers
if (!$servletRequest->hasHeader(Protocol::HEADER_AUTHORIZATION)) {
// send header for challenge authentication against client
$servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader());
}
// initialize the adapter with the current request
$authenticationAdapter->init($servletRequest->getHeader(HttpProtocol::HEADER_AUTHORIZATION), $servletRequest->getMethod());
// try to authenticate the request
$authenticated = $authenticationAdapter->authenticate();
if (!$authenticated) {
// send header for challenge authentication against client
$servletResponse->addHeader(HttpProtocol::HEADER_WWW_AUTHENTICATE, $authenticationAdapter->getAuthenticateHeader());
}
return $authenticated;
}
}
// we did not find an adapter for that URI pattern, no authentication required then
return true;
}
/**
* Try to authenticate the user making this request, based on the specified login configuration.
*
* Return TRUE if any specified constraint has been satisfied, or FALSE if we have created a response
* challenge already.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The servlet request instance
* @param \AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface $servletResponse The servlet response instance
*
* @return boolean TRUE if authentication has already been processed on a request before, else FALSE
* @throws \AppserverIo\Http\Authentication\AuthenticationException Is thrown if the request can't be authenticated
*/
public function authenticate(HttpServletRequestInterface $servletRequest, HttpServletResponseInterface $servletResponse)
{
// check if auth header is not set in coming request headers
if ($servletRequest->hasHeader(Protocol::HEADER_AUTHORIZATION) === false) {
// stop processing immediately
$servletRequest->setDispatched(true);
$servletResponse->setStatusCode(401);
$servletResponse->addHeader(Protocol::HEADER_WWW_AUTHENTICATE, $this->getAuthenticateHeader());
return false;
}
// load the raw login credentials
$rawAuthData = $servletRequest->getHeader(Protocol::HEADER_AUTHORIZATION);
// set auth hash got from auth data request header and check if username and password has been passed
if (strstr($credentials = base64_decode(trim(strstr($rawAuthData, " "))), ':') === false) {
// stop processing immediately
$servletRequest->setDispatched(true);
$servletResponse->setStatusCode(401);
$servletResponse->addHeader(Protocol::HEADER_WWW_AUTHENTICATE, $this->getAuthenticateHeader());
return false;
}
// get out username and password
list($username, $password) = explode(':', $credentials);
// query whether or not a username and a password has been passed
if ($password === null || $username === null) {
// stop processing immediately
$servletRequest->setDispatched(true);
$servletResponse->setStatusCode(401);
$servletResponse->addHeader(Protocol::HEADER_WWW_AUTHENTICATE, $this->getAuthenticateHeader());
return false;
}
// set username and password
$this->username = new String($username);
$this->password = new String($password);
// load the realm to authenticate this request for
/** @var AppserverIo\Appserver\ServletEngine\Security\RealmInterface $realm */
$realm = $this->getAuthenticationManager()->getRealm($this->getRealmName());
// authenticate the request and initialize the user principal
$userPrincipal = $realm->authenticate($this->getUsername(), $this->getPassword());
// query whether or not the realm returned an authenticated user principal
if ($userPrincipal == null) {
// stop processing immediately
$servletRequest->setDispatched(true);
$servletResponse->setStatusCode(401);
$servletResponse->setBodyStream('Unauthorized');
$servletResponse->addHeader(Protocol::HEADER_WWW_AUTHENTICATE, $this->getAuthenticateHeader());
return false;
}
// add the user principal and the authentication type to the request
$servletRequest->setUserPrincipal($userPrincipal);
$servletRequest->setAuthType($this->getAuthType());
return true;
}
/**
* Populates the passed request with the request data of the original request
* found in the also passed session.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The servlet request instance
* @param \AppserverIo\Psr\Servlet\Http\HttpSessionInterface $session The session instance
*
* @return void
*/
protected function restoreRequest(HttpServletRequestInterface $servletRequest, HttpSessionInterface $session)
{
// query whether or not we can find the original request in the session
if ($session->hasKey(Constants::FORM_REQUEST)) {
// load the origin request from the session
$req = $session->getData(Constants::FORM_REQUEST);
// restore the original request data
$servletRequest->setHeaders($req->headers);
$servletRequest->setCookies($req->cookies);
$servletRequest->setUserPrincipal($req->userPrincipal);
$servletRequest->setServerName($req->serverName);
$servletRequest->setQueryString($req->queryString);
$servletRequest->setRequestUri($req->requestUri);
$servletRequest->setDocumentRoot($req->documentRoot);
$servletRequest->setRequestUrl($req->requestUrl);
// set the body content if we can find one
if ($servletRequest->getHeader(Protocol::HEADER_CONTENT_LENGTH) > 0) {
$servletRequest->setBodyStream($req->bodyContent);
}
}
}
/**
* Returns the array with the $_COOKIE vars.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The request instance
*
* @return array The $_COOKIE vars
*/
protected function initCookieGlobals(HttpServletRequestInterface $servletRequest)
{
$cookie = array();
foreach (explode(';', $servletRequest->getHeader(Protocol::HEADER_COOKIE)) as $cookieLine) {
list($key, $value) = explode('=', $cookieLine);
$cookie[trim($key)] = trim($value);
}
return $cookie;
}
/**
* Tries to load the requested thumbnail from the applications WEB-INF directory
* and adds it to the response.
*
* @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest The request instance
* @param \AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface $servletResponse The response instance
*
* @return void
* @see \AppserverIo\Psr\Servlet\Http\HttpServlet::doGet()
*
* @SWG\Get(
* path="/thumbnails.do/{id}",
* tags={"applications"},
* summary="The application's thumbnail",
* produces={"image/png"},
* @SWG\Parameter(
* name="id",
* in="path",
* description="The name of the application to load the thumbnail for",
* required=true,
* type="string"
* ),
* @SWG\Response(
* response=200,
* description="The application's thumbnail"
* ),
* @SWG\Response(
* response=500,
* description="Internal Server Error"
* )
* )
*/
public function doGet(HttpServletRequestInterface $servletRequest, HttpServletResponseInterface $servletResponse)
{
// load the requested path info, e. g. /api/thumbnails.do/example/
$pathInfo = trim($servletRequest->getPathInfo(), '/');
// extract the entity and the ID, if available
list($id, ) = explode('/', $pathInfo);
// load file information and return the file object if possible
$fileInfo = new \SplFileInfo($path = $this->getApplicationProcessor()->thumbnail($id));
if ($fileInfo->isDir()) {
throw new FoundDirInsteadOfFileException(sprintf("Requested file %s is a directory", $path));
}
if ($fileInfo->isFile() === false) {
throw new FileNotFoundException(sprintf('File %s not not found', $path));
}
if ($fileInfo->isReadable() === false) {
throw new FileNotReadableException(sprintf('File %s is not readable', $path));
}
// open the file itself
$file = $fileInfo->openFile();
// set mimetypes to header
$servletResponse->addHeader(HttpProtocol::HEADER_CONTENT_TYPE, MimeTypes::getMimeTypeByExtension(pathinfo($file->getFilename(), PATHINFO_EXTENSION)));
// set last modified date from file
$servletResponse->addHeader(HttpProtocol::HEADER_LAST_MODIFIED, gmdate('D, d M Y H:i:s \\G\\M\\T', $file->getMTime()));
// set expires date
$servletResponse->addHeader(HttpProtocol::HEADER_EXPIRES, gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 3600));
// check if If-Modified-Since header info is set
if ($servletRequest->getHeader(HttpProtocol::HEADER_IF_MODIFIED_SINCE)) {
// check if file is modified since header given header date
if (strtotime($servletRequest->getHeader(HttpProtocol::HEADER_IF_MODIFIED_SINCE)) >= $file->getMTime()) {
// send 304 Not Modified Header information without content
$servletResponse->addHeader(HttpProtocol::HEADER_STATUS, 'HTTP/1.1 304 Not Modified');
$servletResponse->appendBodyStream(PHP_EOL);
return;
}
}
// add the thumbnail as response content
$servletResponse->appendBodyStream(file_get_contents($file->getRealPath()));
}
