/**
 * Checks that cookies from a jar passed in the options are rendered as one
 * curl `-b` argument and that no explicit Host header is emitted.
 */
public function testGetWithCookies()
{
    $cookieJar = CookieJar::fromArray(
        ['Foo' => 'Bar', 'identity' => 'xyz'],
        'local.example'
    );
    $command = $this->curlFormatter->format(
        new Request('GET', 'http://local.example'),
        ['cookies' => $cookieJar]
    );

    $this->assertNotContains("-H 'Host: local.example'", $command);
    $this->assertContains("-b 'Foo=Bar; identity=xyz'", $command);
}
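/**
 * Builds a cookie jar from the stored session token and any caller-supplied cookies.
 *
 * @param array $params Request data; the optional 'cookies' entry is a
 *                      name => value map merged over the session cookie
 * @return \GuzzleHttp\Cookie\CookieJar Jar holding the merged cookies
 */
public static function fillCookieJar($params)
{
    $cookies = array();
    if ($session = Session::instance()->get('session', false)) {
        $cookies['X-Pantheon-Session'] = $session;
    }
    if (isset($params['cookies'])) {
        // Caller-supplied entries win on a name clash, so a caller can
        // replace the session cookie.
        $cookies = array_merge($cookies, $params['cookies']);
    }

    // fromArray() is a static factory that returns a new jar. Calling it on an
    // existing instance and returning that instance handed back an empty jar,
    // so the factory's result is returned directly.
    // NOTE(review): the empty domain leaves the session cookie without a host
    // scope; Guzzle's domain matching appears to accept any host for such a
    // cookie, so confirm it cannot travel to another origin.
    return CookieJar::fromArray($cookies, '');
}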
/**
 * Sends a BrowserKit request through the Guzzle client and converts the reply.
 *
 * Server parameters become headers, the BrowserKit cookie jar is copied into
 * a Guzzle jar scoped to HTTP_HOST, and the body is chosen from raw content,
 * uploaded files or form parameters.
 *
 * @param object $request The BrowserKit request to send
 * @return mixed Whatever createResponse() builds from the Guzzle response
 * @throws RequestException When the request failed without any response
 */
protected function doRequest($request)
{
    // Server parameters forwarded as headers even without the HTTP_ prefix.
    $contentHeaders = ['content-length' => true, 'content-md5' => true, 'content-type' => true];

    $headers = [];
    foreach ($request->getServer() as $serverKey => $serverValue) {
        $name = strtolower(str_replace('_', '-', $serverKey));
        if (strpos($name, 'http-') === 0) {
            // Drop the "http-" prefix to get the real header name.
            $headers[substr($name, 5)] = $serverValue;
        } elseif (isset($contentHeaders[$name])) {
            $headers[$name] = $serverValue;
        }
    }

    $rawCookies = $this->getCookieJar()->allRawValues($request->getUri());
    $cookieDomain = $request->getServer()['HTTP_HOST'];

    $requestOptions = [
        'cookies' => CookieJar::fromArray($rawCookies, $cookieDomain),
        // Redirects are not followed here; BrowserKit handles them.
        'allow_redirects' => false,
        'auth' => $this->auth,
    ];

    if (!in_array($request->getMethod(), ['GET', 'HEAD'])) {
        if (null !== ($content = $request->getContent())) {
            $requestOptions['body'] = $content;
        } elseif ($files = $request->getFiles()) {
            $requestOptions['multipart'] = [];
            $this->addPostFields($request->getParameters(), $requestOptions['multipart']);
            $this->addPostFiles($files, $requestOptions['multipart']);
        } elseif (!empty($headers['content-type']) && 'multipart/form-data' == $headers['content-type'] && !$files) {
            $requestOptions['multipart'] = [];
            $this->addPostFields($request->getParameters(), $requestOptions['multipart']);
        } else {
            $requestOptions['form_params'] = $request->getParameters();
        }
    }

    if (!empty($headers)) {
        $requestOptions['headers'] = $headers;
    }

    $method = $request->getMethod();
    $uri = $request->getUri();

    // Client-level headers override the ones derived from the request.
    foreach ($this->headers as $name => $value) {
        $requestOptions['headers'][$name] = $value;
    }

    try {
        $response = $this->getClient()->request($method, $uri, $requestOptions);
    } catch (RequestException $e) {
        // An error status still carries a response worth returning; only a
        // failure with no response at all is rethrown.
        $response = $e->getResponse();
        if (null === $response) {
            throw $e;
        }
    }

    return $this->createResponse($response);
}
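/**
 * Proxy authenticates to a target service.
 *
 * Returns cookies from the proxied service in a
 * CookieJar object for use when later accessing resources.
 *
 * @param string $target_service
 *   The service to be proxied.
 *
 * @return \GuzzleHttp\Cookie\CookieJar
 *   A CookieJar object (array storage) containing cookies from the
 *   proxied service.
 *
 * @throws CasProxyException
 *   When the session cannot proxy, or a request to the CAS server or the
 *   target service raises a ClientException.
 */
public function proxyAuthenticate($target_service)
{
    // Check to see if we have proxied this application already.
    if (isset($_SESSION['cas_proxy_helper'][$target_service])) {
        $cookies = array();
        // Stays null when the cached list is empty, so the jar is built
        // without reading an undefined loop variable.
        $domain = null;
        foreach ($_SESSION['cas_proxy_helper'][$target_service] as $cookie) {
            $cookies[$cookie['Name']] = $cookie['Value'];
            // The whole jar is scoped to the domain of the last cached cookie.
            $domain = $cookie['Domain'];
        }
        // NOTE(review): only Name, Value and one Domain are restored; any
        // other attributes kept by toArray() (path, secure flag, expiry) are
        // not re-applied to the rebuilt jar. Confirm that is acceptable.
        $jar = CookieJar::fromArray($cookies, $domain);
        $this->casHelper->log("{$target_service} already proxied. Returning information from session.");
        return $jar;
    }

    if (!($this->casHelper->isProxy() && isset($_SESSION['cas_pgt']))) {
        // We can't perform proxy authentication in this state.
        throw new CasProxyException("Session state not sufficient for proxying.");
    }

    // Make request to CAS server to retrieve a proxy ticket for this service.
    $cas_url = $this->getServerProxyURL($target_service);
    try {
        $this->casHelper->log("Retrieving proxy ticket from: {$cas_url}");
        $response = $this->httpClient->get($cas_url);
        $this->casHelper->log("Received: " . htmlspecialchars($response->getBody()->__toString()));
    } catch (ClientException $e) {
        throw new CasProxyException($e->getMessage());
    }
    $proxy_ticket = $this->parseProxyTicket($response->getBody());
    // NOTE(review): the proxy ticket is a credential and is written to the
    // log here, in the raw response above and in $service_url below. Treat
    // this log as sensitive, or limit these messages to debug logging.
    $this->casHelper->log("Extracted proxy ticket: {$proxy_ticket}");

    // Make request to target service with our new proxy ticket.
    // The target service will validate this ticket against the CAS server
    // and set a cookie that grants authentication for further resource calls.
    $params = array('ticket' => $proxy_ticket);
    $service_url = $target_service . "?" . UrlHelper::buildQuery($params);
    $cookie_jar = new CookieJar();
    try {
        $this->casHelper->log("Contacting service: {$service_url}");
        $this->httpClient->get($service_url, ['cookies' => $cookie_jar]);
    } catch (ClientException $e) {
        throw new CasProxyException($e->getMessage());
    }

    // Store in session storage for later reuse.
    $_SESSION['cas_proxy_helper'][$target_service] = $cookie_jar->toArray();
    $this->casHelper->log("Stored cookies from {$target_service} in session.");
    return $cookie_jar;
}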
/**
 * Tests access to routes protected by CSRF request header requirements.
 *
 * Covers one route that uses _csrf_request_header_token and one that uses
 * the deprecated _access_rest_csrf, with a token from each token path.
 */
public function testRouteAccess()
{
    $http = \Drupal::httpClient();

    // Both the current token path and a test path that returns a token using
    // the deprecated 'rest' value are exercised.
    // Checking /deprecated/session/token can be removed in 8.3.
    // @see \Drupal\Core\Access\CsrfRequestHeaderAccessCheck::access()
    foreach (['deprecated/session/token', 'session/token'] as $token_path) {
        // Check both test routes.
        foreach (['csrf_test.protected', 'csrf_test.deprecated.protected'] as $route) {
            $this->drupalLogin($this->drupalCreateUser());
            $token = $this->drupalGet($token_path);
            $target = Url::fromRoute($route)->setAbsolute(TRUE)->toString();
            $host = parse_url($target, PHP_URL_HOST);
            $sid = $this->getSession()->getCookie($this->getSessionName());
            /** @var \GuzzleHttp\Cookie\CookieJar $session_jar */
            $session_jar = CookieJar::fromArray([$this->getSessionName() => $sid], $host);

            // No session cookie and no token header: the request is anonymous
            // and access is allowed.
            $anonymous = ['headers' => ['Accept' => 'text/plain'], 'http_errors' => FALSE];
            $this->assertEquals(200, $http->post($target, $anonymous)->getStatusCode());

            // With the session cookie attached every further request is made
            // as the authenticated user; without a token it is denied.
            $authenticated = $anonymous + ['cookies' => $session_jar];
            $this->assertEquals(403, $http->post($target, $authenticated)->getStatusCode());

            // The correct token in the header is accepted.
            $with_token = $authenticated;
            $with_token['headers']['X-CSRF-Token'] = $token;
            $this->assertEquals(200, $http->post($target, $with_token)->getStatusCode());

            // An incorrect token in the header is rejected.
            $with_token['headers']['X-CSRF-Token'] = 'this-is-not-the-token-you-are-looking-for';
            $this->assertEquals(403, $http->post($target, $with_token)->getStatusCode());
        }
    }
}
/**
 * Attaches a Cookie subscriber to the request according to the 'cookies' option.
 *
 * @param RequestInterface $request Request whose emitter receives the subscriber
 * @param mixed            $value   true for the shared subscriber, an array of
 *                                  name => value pairs, a CookieJarInterface,
 *                                  or false to attach nothing
 * @throws \InvalidArgumentException For any other value
 */
private function add_cookies(RequestInterface $request, $value)
{
    // Function-level static: every call that passes true reuses this one
    // subscriber.
    // NOTE(review): cookies collected under `true` therefore appear to be
    // shared by all such requests in the process; confirm that is intended
    // where requests for different users run in the same process.
    static $cookie = null;

    if ($value === false) {
        return;
    }

    if ($value === true) {
        if (!$cookie) {
            $cookie = new Cookie();
        }
        $request->getEmitter()->attach($cookie);
        return;
    }

    if (is_array($value)) {
        // Array cookies are scoped to the host of this request.
        $jar = CookieJar::fromArray($value, $request->getHost());
        $request->getEmitter()->attach(new Cookie($jar));
        return;
    }

    if ($value instanceof CookieJarInterface) {
        $request->getEmitter()->attach(new Cookie($value));
        return;
    }

    throw new \InvalidArgumentException('cookies must be an array, ' . 'true, or a CookieJarInterface object');
}
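/**
 * Applies an array of request options to a request.
 *
 * Keys listed in self::$configMap are copied into the request config as-is;
 * every other key is handled by the switch below or by a registered custom
 * option handler.
 *
 * @param RequestInterface $request Request to modify
 * @param array            $options Options keyed by option name
 * @throws Iae When an option has an unsupported value or no handler exists for a key
 */
protected function applyOptions(RequestInterface $request, array $options = [])
{
    $config = $request->getConfig();
    $emitter = $request->getEmitter();

    foreach ($options as $key => $value) {
        if (isset(self::$configMap[$key])) {
            $config[$key] = $value;
            continue;
        }

        // Inside the switch, `break` is used where the code used to say
        // `continue`: within a switch the two behave the same, nothing follows
        // the switch in the loop body, and PHP 7.3+ warns about `continue`
        // targeting a switch.
        switch ($key) {
            case 'allow_redirects':
                if ($value === false) {
                    break;
                }
                if ($value === true) {
                    $value = self::$defaultRedirect;
                } elseif (!isset($value['max'])) {
                    throw new Iae('allow_redirects must be true, false, or an ' . 'array that contains the \'max\' key');
                } else {
                    // Merge the default settings with the provided settings
                    $value += self::$defaultRedirect;
                }
                $config['redirect'] = $value;
                $emitter->attach($this->redirectPlugin);
                break;

            case 'decode_content':
                if ($value === false) {
                    break;
                }
                $config['decode_content'] = true;
                if ($value !== true) {
                    $request->setHeader('Accept-Encoding', $value);
                }
                break;

            case 'headers':
                if (!is_array($value)) {
                    throw new Iae('header value must be an array');
                }
                // Do not overwrite existing headers
                foreach ($value as $k => $v) {
                    if (!$request->hasHeader($k)) {
                        $request->setHeader($k, $v);
                    }
                }
                break;

            case 'exceptions':
                if ($value === true) {
                    $emitter->attach($this->errorPlugin);
                }
                break;

            case 'body':
                if (is_array($value)) {
                    $this->addPostData($request, $value);
                } elseif ($value !== null) {
                    $request->setBody(Stream::factory($value));
                }
                break;

            case 'auth':
                if (!$value) {
                    break;
                }
                if (is_array($value)) {
                    $type = isset($value[2]) ? strtolower($value[2]) : 'basic';
                } else {
                    $type = strtolower($value);
                }
                $config['auth'] = $value;
                if ($type == 'basic') {
                    // Basic credentials are only base64-encoded, not
                    // encrypted, so this header is readable wherever the
                    // request is; it relies on TLS for confidentiality.
                    $request->setHeader('Authorization', 'Basic ' . base64_encode("{$value['0']}:{$value['1']}"));
                } elseif ($type == 'digest') {
                    // @todo: Do not rely on curl
                    $config->setPath('curl/' . CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
                    $config->setPath('curl/' . CURLOPT_USERPWD, "{$value['0']}:{$value['1']}");
                }
                break;

            case 'query':
                if ($value instanceof Query) {
                    $original = $request->getQuery();
                    // Do not overwrite existing query string variables by
                    // overwriting the object with the query string data passed
                    // in the URL
                    $value->overwriteWith($original->toArray());
                    $request->setQuery($value);
                } elseif (is_array($value)) {
                    // Do not overwrite existing query string variables
                    $query = $request->getQuery();
                    foreach ($value as $k => $v) {
                        if (!isset($query[$k])) {
                            $query[$k] = $v;
                        }
                    }
                } else {
                    throw new Iae('query must be an array or Query object');
                }
                break;

            case 'cookies':
                if ($value === true) {
                    // Function-level static: one Cookie subscriber is reused
                    // by every request that passes true.
                    // NOTE(review): cookies gathered this way appear to be
                    // shared across those requests; confirm that is intended.
                    static $cookie = null;
                    if (!$cookie) {
                        $cookie = new Cookie();
                    }
                    $emitter->attach($cookie);
                } elseif (is_array($value)) {
                    // Array cookies are scoped to the host of this request.
                    $emitter->attach(new Cookie(CookieJar::fromArray($value, $request->getHost())));
                } elseif ($value instanceof CookieJarInterface) {
                    $emitter->attach(new Cookie($value));
                } elseif ($value !== false) {
                    throw new Iae('cookies must be an array, true, or CookieJarInterface');
                }
                break;

            case 'events':
                if (!is_array($value)) {
                    throw new Iae('events must be an array');
                }
                $this->attachListeners($request, $this->prepareListeners($value, ['before', 'complete', 'error', 'progress', 'end']));
                break;

            case 'subscribers':
                if (!is_array($value)) {
                    throw new Iae('subscribers must be an array');
                }
                foreach ($value as $subscribers) {
                    $emitter->attach($subscribers);
                }
                break;

            case 'json':
                // NOTE(review): json_encode() returns false on failure and
                // that result is not checked before it becomes the body.
                $request->setBody(Stream::factory(json_encode($value)));
                if (!$request->hasHeader('Content-Type')) {
                    $request->setHeader('Content-Type', 'application/json');
                }
                break;

            default:
                // Check for custom handler functions.
                if (isset($this->customOptions[$key])) {
                    $fn = $this->customOptions[$key];
                    $fn($request, $value);
                    break;
                }
                throw new Iae("No method can handle the {$key} config key");
        }
    }
}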
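/**
 * Rebuilds a cookie jar from a serialized name => value cookie map.
 *
 * @param string $data Output of serialize() for an array of cookies
 *
 * @return CookieJar Jar holding the decoded cookies, scoped to getDomain()
 */
public function unserializeCookies($data)
{
    // SECURITY: unserialize() on data that can be influenced from outside the
    // application allows PHP object injection. A cookie map needs no objects,
    // so class instantiation is disabled here.
    // NOTE(review): confirm where $data comes from, and prefer JSON for
    // storage if the format can be changed.
    $cookies = unserialize($data, ['allowed_classes' => false]);
    if (!is_array($cookies)) {
        // Corrupt or non-array payload: build an empty jar instead of
        // iterating over a non-array.
        $cookies = [];
    }

    // Assuming CookieJar is Guzzle's class, fromArray() is a static factory
    // that returns a new jar; calling it on an instance and returning that
    // instance handed back an empty jar.
    return CookieJar::fromArray($cookies, $this->getDomain());
}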
/**
 * Checks that fromArray() yields a jar with one cookie per array entry.
 */
public function testCreatesFromArray()
{
    $pairs = ['foo' => 'bar', 'baz' => 'bam'];

    $this->assertCount(2, CookieJar::fromArray($pairs, 'example.com'));
}
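/**
 * Builds a cookie jar from the caller-supplied cookies.
 *
 * @param array $params Request data; the optional 'cookies' entry is a
 *                      name => value map
 * @return \GuzzleHttp\Cookie\CookieJar Jar holding those cookies
 */
private function fillCookieJar(array $params)
{
    $cookies = array();
    if (isset($params['cookies'])) {
        $cookies = array_merge($cookies, $params['cookies']);
    }

    // fromArray() is a static factory that returns a new jar. Calling it on an
    // existing instance and returning that instance handed back an empty jar,
    // so the factory's result is returned directly.
    // NOTE(review): the empty domain leaves these cookies without a host
    // scope; Guzzle's domain matching appears to accept any host for such a
    // cookie, so confirm they cannot travel to another origin.
    return CookieJar::fromArray($cookies, '');
}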
/**
 * Sends the command with the token cookie attached and reports success.
 *
 * The request and response are kept in lastRequest / lastResponse.
 *
 * @param Command $command
 * @return bool True when the XML response has a truthy Success element
 */
public function execute(Command $command)
{
    // The token travels as a TokenKey cookie scoped to the configured hostname.
    $tokenJar = CookieJar::fromArray(['TokenKey' => $this->getToken()], $this->hostname);
    $client = $this->getClient();

    $method = $command->getMethod();
    $url = $command->getUrl($this->endpoint);
    $payload = $command->getPayload(['cookies' => $tokenJar]);

    $this->lastRequest = $client->createRequest($method, $url, $payload);
    $this->lastResponse = $client->send($this->lastRequest);

    $xml = $this->lastResponse->xml();
    if (!isset($xml->Success)) {
        return false;
    }

    // NOTE(review): if xml() returns a SimpleXMLElement, any non-empty
    // Success element is truthy, including the text "false"; confirm what
    // the service sends on failure.
    return (bool) $xml->Success;
}
/**
 * @brief Set the request cookies
 *
 * @param array  $cookies Array of request cookies
 * @param string $domain  Cookie domain
 *
 * @return Client
 */
public function setCookies(array $cookies = [], $domain = null)
{
    if (!$cookies) {
        $this->cookies = [];

        return $this;
    }

    // When no domain is passed, default to the host of the current base_uri.
    // NOTE(review): parse_url() gives no host for a base URI without one,
    // which would leave the cookies without a domain scope; confirm baseUri
    // is always absolute.
    $cookieDomain = $domain ?: parse_url($this->conf->baseUri, PHP_URL_HOST);
    $this->cookies = \GuzzleHttp\Cookie\CookieJar::fromArray($cookies, $cookieDomain);

    return $this;
}