public function onHandshake(Request $request, Response $response) { // During handshakes, you should always check the origin header, otherwise any site will // be able to connect to your endpoint. Websockets are not restricted by the same-origin-policy! $origin = $request->getHeader("origin"); if ($origin !== "http://localhost:1337") { $response->setStatus(403); $response->send("<h1>origin not allowed</h1>"); return null; } // returned values will be passed to onOpen, that way you can pass cookie values or the whole request object. return $request->getConnectionInfo()["client_addr"]; }
private function doRangeResponse($range, $fileInfo, Response $response) { $this->assignCommonHeaders($fileInfo); $range->contentType = $mime = $this->selectMimeTypeFromPath($fileInfo->path); if (isset($range->ranges[1])) { $response->setHeader("Content-Type", "multipart/byteranges; boundary={$range->boundary}"); } else { list($startPos, $endPos) = $range->ranges[0]; $response->setHeader("Content-Length", (string) ($endPos - $startPos)); $response->setHeader("Content-Range", "bytes {$startPos}-{$endPos}/{$fileInfo->size}"); $response->setHeader("Content-Type", $mime); } $response->setStatus(HTTP_STATUS["PARTIAL_CONTENT"]); return $this->finalizeResponse($response, $fileInfo, $range); }
/** * @param \Aerys\Response $response The server Response to wrap for the handshake * @param string $acceptKey The client request's SEC-WEBSOCKET-KEY header value */ public function __construct(Response $response, string $acceptKey) { $this->response = $response; $this->acceptKey = $acceptKey; $response->setStatus($this->status); }
private function respond($fileInfo, Request $request, Response $response) { // If the file doesn't exist don't bother to do anything else so the // HTTP server can send a 404 and/or allow handlers further down the chain // a chance to respond. if (empty($fileInfo->exists)) { return; } switch ($request->getMethod()) { case "GET": case "HEAD": break; case "OPTIONS": $response->setStatus(HTTP_STATUS["OK"]); $response->setHeader("Allow", "GET, HEAD, OPTIONS"); $response->setHeader("Accept-Ranges", "bytes"); $response->setHeader("Aerys-Generic-Response", "enable"); return; default: $response->setStatus(HTTP_STATUS["METHOD_NOT_ALLOWED"]); $response->setHeader("Allow", "GET, HEAD, OPTIONS"); $response->setHeader("Aerys-Generic-Response", "enable"); return; } $precondition = $this->checkPreconditions($request, $fileInfo->mtime, $fileInfo->etag); switch ($precondition) { case self::PRECOND_NOT_MODIFIED: $response->setStatus(HTTP_STATUS["NOT_MODIFIED"]); $lastModifiedHttpDate = \gmdate('D, d M Y H:i:s', $fileInfo->mtime) . " GMT"; $response->setHeader("Last-Modified", $lastModifiedHttpDate); if ($fileInfo->etag) { $response->setHeader("Etag", $fileInfo->etag); } $response->end(); return; case self::PRECOND_FAILED: $response->setStatus(HTTP_STATUS["PRECONDITION_FAILED"]); $response->end(); return; case self::PRECOND_IF_RANGE_FAILED: // Return this so the resulting generator will be auto-resolved return $this->doNonRangeResponse($fileInfo, $response); } if (!($rangeHeader = $request->getHeader("Range"))) { // Return this so the resulting generator will be auto-resolved return $this->doNonRangeResponse($fileInfo, $response); } if ($range = $this->normalizeByteRanges($fileInfo->size, $rangeHeader)) { // Return this so the resulting generator will be auto-resolved return $this->doRangeResponse($range, $fileInfo, $response); } // If we're still here this is the only remaining response we can send $response->setStatus(HTTP_STATUS["REQUESTED_RANGE_NOT_SATISFIABLE"]); $response->setHeader("Content-Range", "*/{$fileInfo->size}"); $response->end(); }
private function respondWithError(AerysResponse $response, int $responseCode, string $message) { $response->setStatus($responseCode); $response->setHeader('Content-Type', 'application/json'); $response->end(json_encode(['error' => $message])); }
public function doLogOut(Request $request, Response $response) { $session = new Session($request); (yield $session->open()); (yield $session->destroy()); $response->setStatus(302); $response->setHeader("location", "/"); $response->send(""); }
private function tryErrorResponse(\Throwable $error, InternalRequest $ireq, Response $response, array $filters) { try { $status = HTTP_STATUS["INTERNAL_SERVER_ERROR"]; $msg = $this->options->debug ? "<pre>" . htmlspecialchars($error) . "</pre>" : "<p>Something went wrong ...</p>"; $body = makeGenericBody($status, ["sub_heading" => "Requested: {$ireq->uri}", "msg" => $msg]); $response->setStatus(HTTP_STATUS["INTERNAL_SERVER_ERROR"]); $response->setHeader("Connection", "close"); $response->end($body); } catch (ClientException $error) { return; } catch (\Throwable $error) { if ($ireq->filterErrorFlag) { $this->tryFilterErrorResponse($error, $ireq, $filters); } else { $this->logger->error($error); $this->close($ireq->client); } } }
/** * Handles all hooks. * * @param Request $request HTTP request * @param Response $response HTTP response * @param array $args URL args */ public function handle(Request $request, Response $response, array $args) { $response->setHeader("content-type", "text/plain"); $token = $request->getQueryVars()["token"] ?? ""; if (!$token || !is_string($token)) { $response->setStatus(401); $response->send("Failure: No token was provided."); return; } // use @ so we don't have to check for invalid strings manually $token = (string) @hex2bin($token); $hook = (yield $this->hookRepository->get($args["id"])); if (!$hook) { $response->setStatus(404); $response->send("Failure: Hook does not exist."); return; } if (!hash_equals($hook->token, $token)) { $response->setStatus(403); $response->send("Failure: Provided token doesn't match."); return; } $name = $args["service"]; if (!isset($this->services[$name])) { $response->setStatus(404); $response->send("Failure: Unknown service."); return; } $contentType = strtok($request->getHeader("content-type"), ";"); $body = (yield $request->getBody()); switch ($contentType) { case "application/json": $payload = json_decode($body); break; case "application/x-www-form-urlencoded": parse_str($body, $payload); $payload = json_decode(json_encode($payload)); break; default: $response->setStatus(415); $response->send("Failure: Content-type not supported."); return; } $service = $this->services[$name]; $headers = $request->getAllHeaders(); $event = $service->getEventName($headers, $payload); if (!isset($this->schemas[$name][$event])) { $response->setStatus(400); $response->send("Failure: Event not supported."); return; } $schema = $this->schemas[$name][$event]; $this->validator->reset(); $this->validator->check($payload, $schema); if (!$this->validator->isValid()) { $errors = $this->validator->getErrors(); $errors = array_reduce($errors, function (string $carry, array $item) : string { if ($item["property"]) { return $carry . sprintf("\n%s: %s", $item["property"], $item["message"]); } else { return $carry . "\n" . $item["message"]; } }, ""); $response->setStatus(400); $response->send("Failure: Payload validation failed." . $errors); return; } $message = $service->handle($headers, $payload); try { if ($message) { $req = (new HttpRequest())->setMethod("PUT")->setUri($this->config["api"] . "/messages")->setHeader("authorization", "Basic " . base64_encode("{$this->config['user_id']}:{$this->config['token']}"))->setBody(json_encode(["room_id" => $hook->room_id, "text" => $message->getText(), "data" => $message->getData()])); $resp = (yield $this->http->request($req)); if (intval($resp->getStatus() / 100) !== 2) { $message = "API request failed: " . $resp->getStatus(); if ($resp->getBody()) { $message .= "\n" . $resp->getBody(); } throw new Exception($message); } } $response->send("Success: " . ($message ? "Message sent." : "Message skipped.")); } catch (Exception $e) { $response->setStatus(500); $response->send("Failure: Couldn't persist message."); } }
public function __invoke(Request $req, Response $res) { $headers = $req->getAllHeaders(); unset($headers["accept-encoding"]); $connection = $headers["connection"]; unset($headers["connection"]); foreach ($connection as $value) { foreach (explode(",", strtolower($value)) as $type) { $type = trim($type); if ($type == "upgrade") { $headers["connection"][0] = "upgrade"; } else { unset($headers[$type]); } } } if ($this->headers) { if (is_callable($this->headers)) { $headers = ($this->headers)($headers); } else { $headers = $this->headers + $headers; } } $promise = $this->client->request((new \Amp\Artax\Request())->setMethod($req->getMethod())->setUri($this->target . $req->getUri())->setAllHeaders($headers)->setBody((yield $req->getBody()))); // no async sending possible :-( [because of redirects] $promise->watch(function ($update) use($req, $res, &$hasBody, &$status, &$zlib) { list($type, $data) = $update; if ($type == Notify::RESPONSE_HEADERS) { $headers = array_change_key_case($data["headers"], CASE_LOWER); foreach ($data["headers"] as $header => $values) { foreach ($values as $value) { $res->addHeader($header, $value); } } $res->setStatus($status = $data["status"]); $res->setReason($data["reason"]); if (isset($headers["content-encoding"]) && strcasecmp(trim(current($headers["content-encoding"])), 'gzip') === 0) { $zlib = inflate_init(ZLIB_ENCODING_GZIP); } $hasBody = true; } if ($type == Notify::RESPONSE_BODY_DATA) { if ($zlib) { $data = inflate_add($zlib, $data); } $res->stream($data); } if ($type == Notify::RESPONSE) { if (!$hasBody) { foreach ($data->getAllHeaders() as $header => $values) { foreach ($values as $value) { $res->addHeader($header, $value); } } $res->setStatus($status = $data->getStatus()); $res->setReason($data->getReason()); } if ($status == 101) { $req->setLocalVar("aerys.reverse.socket", $update["export_socket"]()); } $res->end($zlib ? inflate_add("", ZLIB_FINISH) : null); } }); (yield $promise); }
public function handle(Request $request, Response $response, array $args) { $endpoint = $request->getLocalVar("chat.api.endpoint"); $user = $request->getLocalVar("chat.api.user"); if (!$endpoint || !$user) { // if this happens, something's really wrong, e.g. wrong order of callables $response->setStatus(500); $response->send(""); } foreach ($args as $key => $arg) { if (is_numeric($arg)) { $args[$key] = (int) $arg; } } foreach ($request->getQueryVars() as $key => $value) { // Don't allow overriding URL parameters if (isset($args[$key])) { continue; } if (is_numeric($value)) { $args[$key] = (int) $value; } else { if (is_string($value)) { $args[$key] = $value; } else { $result = new Error("bad_request", "invalid query parameter types", 400); $this->writeResponse($request, $response, $result); return; } } } $args = $args ? (object) $args : new stdClass(); $body = (yield $request->getBody()); $payload = $body ? json_decode($body) : null; $result = (yield $this->chat->process(new StandardRequest($endpoint, $args, $payload), $user)); $this->writeResponse($request, $response, $result); }
public function onHandshake(Request $request, Response $response) { $origin = $request->getHeader("origin"); if (!isOriginAllowed($origin)) { $response->setStatus(400); $response->setReason("Invalid Origin"); $response->send("<h1>Invalid Origin</h1>"); return null; } if ($this->eventSub->getConnectionState() !== ConnectionState::CONNECTED) { $response->setStatus(503); $response->setReason("Service unavailable"); $response->send(""); return null; } return new Session($request); }