public function doRequest(GetResponseEvent $event)
{
if ($event->getRequestType() !== HttpKernel::MASTER_REQUEST) {
return;
}
$prefix = ConfigQuery::read("back_office_path");
$defaultEnabled = intval(ConfigQuery::read("back_office_path_default_enabled", "1"));
$pathInfo = $event->getRequest()->getPathInfo();
$url = $event->getRequest()->server->get('REQUEST_URI');
// Discard the default /admin URL
$isValid = 1 !== $defaultEnabled && strpos($pathInfo, '/' . BackOfficePath::DEFAULT_THELIA_PREFIX) === 0 && $prefix !== null && $prefix !== "";
if ($isValid) {
/** @var \Symfony\Component\Routing\RequestContext $context */
$context = $event->getKernel()->getContainer()->get('request.context');
$context->fromRequest($event->getRequest());
throw new NotFoundHttpException();
}
// Check if the URL is an backOffice URL
$isValid = strpos($pathInfo, '/' . $prefix) === 0 && $prefix !== null && $prefix !== "";
if ($isValid) {
$newUrl = $this->replaceUrl($url, $prefix, BackOfficePath::DEFAULT_THELIA_PREFIX);
$event->getRequest()->server->set('REQUEST_URI', $newUrl);
$event->getRequest()->initialize($event->getRequest()->query->all(), $event->getRequest()->request->all(), $event->getRequest()->attributes->all(), $event->getRequest()->cookies->all(), $event->getRequest()->files->all(), $event->getRequest()->server->all(), $event->getRequest()->getContent());
}
}
/**
* Set the username from the security context by listening on core.request
*
* @param GetResponseEvent $event
*/
public function onCoreRequest(GetResponseEvent $event)
{
$securityContext = $event->getKernel()->getContainer()->get('security.context', ContainerInterface::NULL_ON_INVALID_REFERENCE);
if (null !== $securityContext && null !== $securityContext->getToken() && $securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
$this->setUsername($this->securityContext->getToken()->getUsername());
}
}
/**
* Initiate session if not available then reads the SecurityContext from it.
*
* @param GetResponseEvent $event A GetResponseEvent instance
*/
public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
$application = $event->getKernel()->getApplication();
if (null !== $application && false === $request->hasSession()) {
$container = $application->getContainer();
$event->getRequest()->setSession($container->get('bb_session'));
}
parent::handle($event);
}
/**
* @param GetResponseEvent $event
*/
public function handle(GetResponseEvent $event)
{
$securityAuthRealm = $this->container->get('security.authRealm');
$request = $event->getRequest();
$uri = $request->getRequestUri();
foreach ($securityAuthRealm as $authRealm => $realmConfig) {
if (isset($realmConfig['authRoute']) && preg_match('#' . $realmConfig['authRoute'] . '#', $uri)) {
$event->setResponse($event->getKernel()->handle($request, HttpKernelInterface::SUB_REQUEST, true));
return;
}
}
}
/**
* Initiate session if not available then reads the SecurityContext from it.
*
* @param GetResponseEvent $event A GetResponseEvent instance
*/
public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
$application = $event->getKernel()->getApplication();
if (null !== $application && false === $request->hasSession()) {
// Don't need to check if container has service with id `bb_session` cause we declared it as synthetic
if (null === $application->getContainer()->get('bb_session')) {
$application->getContainer()->set('bb_session', $application->getSession());
}
$application->getContainer()->get('bb_session')->start();
$application->info("Session started");
$event->getRequest()->setSession($application->getContainer()->get('bb_session'));
}
parent::handle($event);
}
public function handle(GetResponseEvent $event)
{
if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
return;
}
$request = $event->getRequest();
if ($request->hasSession()) {
return;
}
if (null !== ($application = $event->getKernel()->getApplication())) {
if (!$application->getContainer()->has('bb_session')) {
$application->getContainer()->set('bb_session', $application->getSession());
}
$application->getContainer()->get('bb_session')->start();
$application->debug("Session started");
$request->setSession($application->getContainer()->get('bb_session'));
}
}
/**
* @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
*/
public function onKernelRequestForward(GetResponseEvent $event)
{
if ($event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
$request = $event->getRequest();
if ($request->attributes->get('needsForward') && $request->attributes->has('semanticPathinfo')) {
$semanticPathinfo = $request->attributes->get('semanticPathinfo');
$request->attributes->remove('needsForward');
$forwardRequest = Request::create($semanticPathinfo, $request->getMethod(), $request->getMethod() === 'POST' ? $request->request->all() : $request->query->all(), $request->cookies->all(), $request->files->all(), $request->server->all(), $request->getContent());
$forwardRequest->attributes->add($request->attributes->all());
// Not forcing HttpKernelInterface::SUB_REQUEST on purpose since we're very early here
// and we need to bootstrap essential stuff like sessions.
$event->setResponse($event->getKernel()->handle($forwardRequest));
$event->stopPropagation();
if (isset($this->logger)) {
$this->logger->info("URLAlias made request to be forwarded to {$semanticPathinfo}", array('pathinfo' => $request->getPathInfo()));
}
}
}
}
/**
* Handle authorization by HTTP Authorization header *
* <code>Authorization: BPI pk="public_key", token="token"</code>
*
* Or by query string
* <code>http://example.com/page?_authorization[pk]=public_key&_authorization[token]=token</code>
*
* @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
* @throws AuthenticationException
*/
public function handle(GetResponseEvent $event)
{
try {
if ($this->container->get('kernel')->getEnvironment() == 'test_skip_auth') {
return $this->skipAuthorization();
}
$request = $event->getRequest();
$token = new PKUserToken();
if ($request->isMethod('OPTIONS')) {
return $this->skipAuthorization();
}
if ($request->headers->has('Auth')) {
if (!preg_match('~BPI agency="(?<agency>[^"]+)", token="(?<token>[^"]+)"~i', $request->headers->get('Auth'), $matches)) {
throw new AuthenticationException('Authorization credintials required (HTTP Headers)');
}
$token->setUser($matches['agency']);
$token->token = $matches['token'];
} elseif ($request->query->has('_authorization')) {
$auth = $request->query->get('_authorization');
if (empty($auth['agency']) or empty($auth['token'])) {
throw new AuthenticationException('Authorization credintials required (GET)');
}
$token->setUser($auth['agency']);
$token->token = $auth['token'];
} else {
throw new AuthenticationException('Authorization required (none)');
}
$authToken = $this->authenticationManager->authenticate($token);
$this->securityContext->setToken($authToken);
} catch (AuthenticationException $failed) {
//simulate kernel.view event to be able REST response listener do their job
$view = new \FOS\RestBundle\View\View($failed->getMessage(), 401);
$controller_result_event = new GetResponseForControllerResultEvent($event->getKernel(), $request, $event->getRequestType(), $view);
$view_listener = new ViewResponseListener($this->container);
$view_listener->onKernelView($controller_result_event);
$event->setResponse($controller_result_event->getResponse());
}
}
private function onFailure(GetResponseEvent $event, Request $request, AuthenticationException $failed)
{
if (null !== $this->logger) {
$this->logger->info(sprintf('Authentication request failed: %s', $failed->getMessage()));
}
$this->securityContext->setToken(null);
if (null !== $this->failureHandler) {
return $this->failureHandler->onAuthenticationFailure($request, $failed);
}
if (null === $this->options['failure_path']) {
$this->options['failure_path'] = $this->options['login_path'];
}
if ($this->options['failure_forward']) {
if (null !== $this->logger) {
$this->logger->debug(sprintf('Forwarding to %s', $this->options['failure_path']));
}
$subRequest = $this->httpUtils->createRequest($request, $this->options['failure_path']);
$subRequest->attributes->set(SecurityContextInterface::AUTHENTICATION_ERROR, $failed);
return $event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
}
if (null !== $this->logger) {
$this->logger->debug(sprintf('Redirecting to %s', $this->options['failure_path']));
}
$request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $failed);
return $this->httpUtils->createRedirectResponse($request, $this->options['failure_path']);
}
/**
* @param GetResponseEvent $event
*/
public function onKernelRequest(GetResponseEvent $event)
{
$kernel = $event->getKernel();
$request = $event->getRequest();
$session = $request->getSession();
/** @var ContainerInterface $container */
$container = $this->container;
// Setting container
Container::setContainer($container);
// Setting session.
Container::setSession($request->getSession());
// Setting database.
$dbConnection = $container->get('database_connection');
// Setting DB connection and Doctrine Manager.
$database = new \Database();
$database->setConnection($dbConnection);
$entityManager = $container->get('doctrine')->getManager();
$database->setManager($entityManager);
// Setting course tool chain (in order to create tools to a course)
\CourseManager::setToolList($container->get('chamilo_course.tool_chain'));
\CourseManager::setEntityManager($entityManager);
\CourseManager::setCourseManager($container->get('chamilo_core.manager.course'));
\CourseManager::setCourseSettingsManager($container->get('chamilo_course.settings.manager'));
Container::$mailer = $container->get('mailer');
// Setting legacy properties.
Container::$urlGenerator = $container->get('router');
Container::$security = $container->get('security.context');
Container::$translator = $container->get('translator');
// Setting paths.
Container::$rootDir = $container->get('kernel')->getRealRootDir();
Container::$logDir = $container->get('kernel')->getLogDir();
Container::$dataDir = $container->get('kernel')->getDataDir();
Container::$tempDir = $container->get('kernel')->getCacheDir();
Container::$courseDir = $container->get('kernel')->getDataDir();
//Container::$configDir = $container->get('kernel')->getConfigDir();
Container::$assets = $container->get('templating.helper.assets');
Container::$roles = $container->get('security.role_hierarchy');
// Setting editor
Container::$htmlEditor = $container->get('chamilo_core.html_editor');
if (!defined('DEFAULT_DOCUMENT_QUOTA')) {
$default_quota = api_get_setting('document.default_document_quotum');
// Just in case the setting is not correctly set
if (empty($default_quota)) {
$default_quota = 100000000;
}
define('DEFAULT_DOCUMENT_QUOTA', $default_quota);
}
// Access URL (multiple URL)
/** @var \Sonata\PageBundle\Model\SnapshotPageProxy $page */
$page = $request->get('page');
if (isset($page) && !is_numeric($page)) {
$siteId = $page->getSite()->getId();
$request->getSession()->set('url_info', $page->getSite());
} else {
$siteId = 1;
}
$request->getSession()->set('url_id', $siteId);
/*
// Loading portal settings from DB.
$settingsRefreshInfo = $em->getRepository('ChamiloCoreBundle:SettingsCurrent')->findOneByVariable('settings_latest_update');
$settingsLatestUpdate = !empty($settingsRefreshInfo) ? $settingsRefreshInfo->getSelectedValue() : null;
$settings = $session->get('_setting');
if (empty($settings)) {
api_set_settings_and_plugins();
} else {
if (isset($settings['settings_latest_update']) &&
$settings['settings_latest_update'] != $settingsLatestUpdate
) {
api_set_settings_and_plugins();
}
}*/
}
private function onFailure(GetResponseEvent $event, Request $request, AuthenticationException $failed)
{
if (null !== $this->logger) {
$this->logger->debug(sprintf('Authentication request failed: %s', $failed->getMessage()));
}
$this->securityContext->setToken(null);
if (null !== $this->failureHandler) {
return $this->failureHandler->onAuthenticationFailure($request, $failed);
}
if (null === $this->options['failure_path']) {
$this->options['failure_path'] = $this->options['login_path'];
}
$path = str_replace('{_locale}', $request->getSession()->getLocale(), $this->options['failure_path']);
if ($this->options['failure_forward']) {
if (null !== $this->logger) {
$this->logger->debug(sprintf('Forwarding to %s', $path));
}
$subRequest = Request::create($path, 'get', array(), $request->cookies->all(), array(), $request->server->all());
$subRequest->attributes->set(SecurityContextInterface::AUTHENTICATION_ERROR, $failed);
return $event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
}
if (null !== $this->logger) {
$this->logger->debug(sprintf('Redirecting to %s', $path));
}
$request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $failed);
return new RedirectResponse(0 !== strpos($path, 'http') ? $request->getUriForPath($path) : $path, 302);
}
/**
* @param GetResponseEvent $event
*/
public function onKernelRequest(GetResponseEvent $event)
{
if (!$event->getRequest()->headers->has('link')) {
return;
}
$links = array();
$header = $event->getRequest()->headers->get('link');
/*
* Due to limitations, multiple same-name headers are sent as comma
* separated values.
*
* This breaks those headers into Link headers following the format
* http://tools.ietf.org/html/rfc2068#section-19.6.2.4
*/
while (preg_match('/^((?:[^"]|"[^"]*")*?),/', $header, $matches)) {
$header = trim(substr($header, strlen($matches[0])));
$links[] = $matches[1];
}
if ($header) {
$links[] = $header;
}
$requestMethod = $this->urlMatcher->getContext()->getMethod();
// The controller resolver needs a request to resolve the controller.
$stubRequest = new Request();
foreach ($links as $idx => $link) {
// Force the GET method to avoid the use of the
// previous method (LINK/UNLINK)
$this->urlMatcher->getContext()->setMethod('GET');
$linkParams = explode(';', trim($link));
$resourceType = null;
if (count($linkParams) > 1) {
$resourceType = trim(preg_replace('/<|>/', '', $linkParams[1]));
$resourceType = str_replace("\"", "", str_replace("rel=", "", $resourceType));
}
$resource = array_shift($linkParams);
$resource = preg_replace('/<|>/', '', $resource);
$tempRequest = Request::create($resource);
try {
$route = $this->urlMatcher->match($tempRequest->getRequestUri());
} catch (\Exception $e) {
// If we don't have a matching route we return the original Link header
continue;
}
if (strpos($route['_route'], 'newscoop_gimme_') === false) {
return;
}
$stubRequest->attributes->replace($route);
$stubRequest->server = $event->getRequest()->server;
if (false === ($controller = $this->resolver->getController($stubRequest))) {
continue;
}
$subEvent = new FilterControllerEvent($event->getKernel(), $controller, $stubRequest, HttpKernelInterface::SUB_REQUEST);
$kernelSubEvent = new GetResponseEvent($event->getKernel(), $stubRequest, HttpKernelInterface::SUB_REQUEST);
$event->getDispatcher()->dispatch(KernelEvents::REQUEST, $kernelSubEvent);
$event->getDispatcher()->dispatch(KernelEvents::CONTROLLER, $subEvent);
$controller = $subEvent->getController();
$arguments = $this->resolver->getArguments($stubRequest, $controller);
try {
$result = call_user_func_array($controller, $arguments);
// Our api returns objects for single resources
if (!is_object($result)) {
continue;
}
$links[$idx] = array('object' => $result, 'resourceType' => $resourceType);
} catch (\Exception $e) {
$links[$idx] = array('object' => $e, 'resourceType' => 'exception');
continue;
}
}
$event->getRequest()->attributes->set('links', $links);
$this->urlMatcher->getContext()->setMethod($requestMethod);
}
public function onKernelRequest(GetResponseEvent $event)
{
if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
return;
}
if (!$event->getRequest()->headers->has('link')) {
return;
}
$links = array();
$header = $event->getRequest()->headers->get('link');
/*
* Due to limitations, multiple same-name headers are sent as comma
* separated values.
*
* This breaks those headers into Link headers following the format
* http://tools.ietf.org/html/rfc2068#section-19.6.2.4
*/
while (preg_match('/^((?:[^"]|"[^"]*")*?),/', $header, $matches)) {
$header = trim(substr($header, strlen($matches[0])));
$links[] = $matches[1];
}
if ($header) {
$links[] = $header;
}
$requestMethod = $this->urlMatcher->getContext()->getMethod();
// Force the GET method to avoid the use of the
// previous method (LINK/UNLINK)
$this->urlMatcher->getContext()->setMethod('GET');
// The controller resolver needs a request to resolve the controller.
$stubRequest = new Request();
foreach ($links as $idx => $link) {
$linkHeader = $this->parseLinkHeader($link);
$resource = $this->parseResource($linkHeader, $event->getRequest());
try {
$route = $this->urlMatcher->match($resource);
} catch (\Exception $e) {
// If we don't have a matching route we return
// the original Link header
continue;
}
$stubRequest->attributes->replace($route);
if (false === ($controller = $this->resolver->getController($stubRequest))) {
continue;
}
// Make sure @ParamConverter and some other annotations are called
$subEvent = new FilterControllerEvent($event->getKernel(), $controller, $stubRequest, HttpKernelInterface::SUB_REQUEST);
$event->getDispatcher()->dispatch(KernelEvents::CONTROLLER, $subEvent);
$controller = $subEvent->getController();
$arguments = $this->resolver->getArguments($stubRequest, $controller);
try {
$result = call_user_func_array($controller, $arguments);
$value = is_array($result) ? current($result) : $result;
if ($linkHeader->hasRel()) {
unset($links[$idx]);
$links[$linkHeader->getRel()][] = $value;
} else {
$links[$idx] = $value;
}
} catch (\Exception $e) {
continue;
}
}
$event->getRequest()->attributes->set('links', $links);
$this->urlMatcher->getContext()->setMethod($requestMethod);
}
public function onKernelRequest(GetResponseEvent $event)
{
$kernel = $event->getKernel();
$request = $event->getRequest();
$container = $this->container;
}
