Автор: Kévin Dunglas (dunglas@gmail.com)
Наследование: implements Symfony\Bridge\PsrHttpMessage\HttpFoundationFactoryInterface
 /**
  * OAuth2 token endpoint: hands the incoming request to the OAuth2 server and
  * lets the server emit its own response.
  *
  * The PSR-7 request is converted to an HttpFoundation request and wrapped in
  * a BridgeRequest before handleTokenRequest() is called. The result is
  * written out with send(); $response and $args are not used and nothing is
  * returned.
  *
  * NOTE(review): only the class and method name are logged here. Keep it that
  * way - a token request presumably carries client credentials, and those
  * must not end up in the log.
  *
  * @param \Psr\Http\Message\ServerRequestInterface $request
  * @param \Psr\Http\Message\ResponseInterface      $response unused
  * @param array                                    $args     unused
  *
  * @return void
  */
 public function token(Request $request, Response $response, $args)
 {
     // Short class name (namespace stripped) followed by the method name.
     $shortClassName = substr(strrchr(rtrim(__CLASS__, '\\'), '\\'), 1);
     $this->logger->info($shortClassName . ': ' . __FUNCTION__);

     // PSR-7 -> HttpFoundation -> OAuth2 bridge request
     $symfonyRequest = (new HttpFoundationFactory())->createRequest($request);
     $bridgeRequest = BridgeRequest::createFromRequest($symfonyRequest);

     $tokenResponse = $this->oAuth2server->handleTokenRequest($bridgeRequest);
     $tokenResponse->send();
 }
 /**
  * {@inheritdoc}
  *
  * Delegates to the wrapped entry point: the HttpFoundation request is
  * converted for it, it is given a fresh response object, and that object is
  * converted back to an HttpFoundation response afterwards.
  * $authException is not used.
  */
 public function start(Request $request, AuthenticationException $authException = null)
 {
     $psrRequest = (new DiactorosFactory())->createRequest($request);
     $psrResponse = new Response();

     // The return value of the entry point is ignored, so whatever it
     // produces has to be written into $psrResponse itself.
     $this->entry_point->start($psrRequest, $psrResponse);

     return (new HttpFoundationFactory())->createResponse($psrResponse);
 }
 /**
  * Wraps a controller reference in a closure that resolves it, invokes it
  * and converts its result into an HttpFoundation response.
  *
  * NOTE(review): $controller decides which code runs for the route. It should
  * come from route configuration only, never from request data - confirm at
  * the call sites.
  *
  * @param callable|string $controller
  * @return \Closure
  */
 public function createController($controller)
 {
     return function (Request $request) use ($controller) {
         // A throwaway request carrying only the URI and the _controller
         // attribute is used to resolve the callable; nothing else from the
         // real request takes part in picking the controller.
         $lookupRequest = Request::create($request->getUri());
         $lookupRequest->attributes->set('_controller', $controller);
         $resolvedCallable = $this->controllerResolver->getController($lookupRequest);

         // Arguments, in contrast, are resolved against the real request.
         $callArguments = $this->controllerResolver->getArguments($request, $resolvedCallable);
         $controllerResult = call_user_func_array($resolvedCallable, $callArguments);

         return $this->httpFoundationFactory->createResponse($controllerResult);
     };
 }
 /**
  * Verifies the OAuth2 access token carried by a PSR-7 request.
  *
  * The check fails closed: when the OAuth2 server rejects the request, its
  * own response is sent and the script is terminated, so this method only
  * returns when verification succeeded. On success the user_id entry of the
  * access token data is stored in $this->user.
  *
  * NOTE(review): user_id is stored as-is. Confirm it cannot be empty for
  * tokens that are not bound to a user before $this->user is used for
  * authorization decisions.
  *
  * @param \Psr\Http\Message\ServerRequestInterface $request
  *
  * @return bool always true; a rejected request never returns
  */
 public function validateToken($request)
 {
     // Short class name (namespace stripped) followed by the method name.
     $shortClassName = substr(strrchr(rtrim(__CLASS__, '\\'), '\\'), 1);
     $this->logger->info($shortClassName . ': ' . __FUNCTION__);

     // PSR-7 -> HttpFoundation -> OAuth2 bridge request
     $symfonyRequest = (new HttpFoundationFactory())->createRequest($request);
     $bridgeRequest = BridgeRequest::createFromRequest($symfonyRequest);

     $isAuthorized = $this->oAuth2server->verifyResourceRequest($bridgeRequest);
     if (!$isAuthorized) {
         // Emit the server's error response and stop; no caller code runs
         // for an unverified request.
         $this->oAuth2server->getResponse()->send();
         exit;
     }

     // Remember which user the token belongs to.
     $tokenData = $this->oAuth2server->getAccessTokenData($bridgeRequest);
     $this->user = $tokenData['user_id'];

     return true;
 }
Пример #5
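 /**
  * Action for routing all requests directly to the third party API.
  *
  * The target API and endpoint are derived from the request URI, a new
  * request is built for the endpoint URL, passed through the transformation
  * handler and forwarded by the proxy. Client and server exceptions from the
  * upstream call are turned into their attached responses.
  *
  * NOTE(review): the upstream URL is derived from the request URI through
  * decideApiAndEndpoint() and the API loader. Confirm that only configured
  * endpoints can be produced, so that a caller cannot steer the proxy to an
  * arbitrary host.
  *
  * @param Request $request request
  *
  * @return \Psr\Http\Message\ResponseInterface|Response
  */
 public function proxyAction(Request $request)
 {
     $api = $this->decideApiAndEndpoint($request->getUri());
     $this->registerProxySources();
     $url = $this->apiLoader->getEndpoint($api['endpoint'], true);

     // parse_url() returns null, not false, when the requested component is
     // absent; false only signals an unparsable URL. Comparing against false
     // alone never caught a scheme-less endpoint, so both cases are handled.
     $endpointScheme = parse_url($url, PHP_URL_SCHEME);
     if ($endpointScheme === null || $endpointScheme === false) {
         $url = $request->getScheme() . '://' . $url;
     }

     $response = null;
     try {
         $newRequest = Request::create($url, $request->getMethod(), array(), array(), array(), array(), $request->getContent(false));

         // NOTE(review): every inbound header is copied onto the upstream
         // request, which includes Cookie, Authorization and Host. Unless
         // transformRequest() strips them, the caller's credentials for this
         // application are disclosed to the third party API - confirm, and
         // prefer an allow-list of forwarded headers.
         $newRequest->headers->add($request->headers->all());
         $newRequest = $this->transformationHandler->transformRequest($api['apiName'], $api['endpoint'], $request, $newRequest);

         $psrRequest = $this->diactorosFactory->createRequest($newRequest);
         // Carry over the port of the endpoint URL (null when it has none).
         $psrRequest = $psrRequest->withUri($psrRequest->getUri()->withPort(parse_url($url, PHP_URL_PORT)));

         $psrResponse = $this->proxy->forward($psrRequest)->to($this->getHostWithScheme($url));
         $response = $this->httpFoundationFactory->createResponse($psrResponse);

         // The return value is not used; the handler is given the response
         // and a clone of it.
         $this->transformationHandler->transformResponse($api['apiName'], $api['endpoint'], $response, clone $response);
     } catch (ClientException $e) {
         $response = $e->getResponse();
     } catch (ServerException $serverException) {
         $response = $serverException->getResponse();
     }

     return $response;
 }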
 /**
  * A PSR-7 response converted by the factory keeps its protocol version,
  * headers, body and status code, and each Set-Cookie line is parsed into a
  * cookie with the right attributes - including the Secure and HttpOnly
  * flags, which must survive the conversion.
  */
 public function testCreateResponse()
 {
     $setCookieLines = array(
         'theme=light',
         'test',
         'ABC=AeD; Domain=dunglas.fr; Path=/kevin; Expires=Wed, 13 Jan 2021 22:23:01 GMT; Secure; HttpOnly',
     );
     $headers = array('X-Symfony' => array('2.8'), 'Set-Cookie' => $setCookieLines);
     $psrResponse = new Response('1.0', $headers, new Stream('The response body'), 200);

     $symfonyResponse = $this->factory->createResponse($psrResponse);

     $this->assertEquals('1.0', $symfonyResponse->getProtocolVersion());
     $this->assertEquals('2.8', $symfonyResponse->headers->get('X-Symfony'));

     $cookies = $symfonyResponse->headers->getCookies();

     // Name/value pair without attributes: defaults apply, no security flags.
     $plainCookie = $cookies[0];
     $this->assertEquals('theme', $plainCookie->getName());
     $this->assertEquals('light', $plainCookie->getValue());
     $this->assertEquals(0, $plainCookie->getExpiresTime());
     $this->assertNull($plainCookie->getDomain());
     $this->assertEquals('/', $plainCookie->getPath());
     $this->assertFalse($plainCookie->isSecure());
     $this->assertFalse($plainCookie->isHttpOnly());

     // Bare name without a value.
     $valuelessCookie = $cookies[1];
     $this->assertEquals('test', $valuelessCookie->getName());
     $this->assertNull($valuelessCookie->getValue());

     // Fully attributed cookie: every attribute, both flags included, is kept.
     $attributedCookie = $cookies[2];
     $this->assertEquals('ABC', $attributedCookie->getName());
     $this->assertEquals('AeD', $attributedCookie->getValue());
     $this->assertEquals(strtotime('Wed, 13 Jan 2021 22:23:01 GMT'), $attributedCookie->getExpiresTime());
     $this->assertEquals('dunglas.fr', $attributedCookie->getDomain());
     $this->assertEquals('/kevin', $attributedCookie->getPath());
     $this->assertTrue($attributedCookie->isSecure());
     $this->assertTrue($attributedCookie->isHttpOnly());

     $this->assertEquals('The response body', $symfonyResponse->getContent());
     $this->assertEquals(200, $symfonyResponse->getStatusCode());
 }
 /**
  * Builds the "OAuth2 authentication required" response for an
  * unauthenticated request.
  *
  * The scheme parameters of every registered access token type are collected
  * and handed to the exception manager; the resulting exception writes
  * itself into a response object, which is then converted to an
  * HttpFoundation response. Neither argument is read.
  *
  * @param \Symfony\Component\HttpFoundation\Request                               $request
  * @param \Symfony\Component\Security\Core\Exception\AuthenticationException|null $authException
  *
  * @return \Symfony\Component\HttpFoundation\Response
  */
 public function start(Request $request, AuthenticationException $authException = null)
 {
     $schemes = ['schemes' => []];
     foreach ($this->getAccessTokenTypeManager()->getAccessTokenTypes() as $tokenType) {
         $schemeParameters = $tokenType->getSchemeParameters();
         if (empty($schemeParameters)) {
             // Token types without scheme parameters contribute nothing.
             continue;
         }
         $schemes['schemes'] = array_merge($schemes['schemes'], $schemeParameters);
     }

     $exception = $this->getExceptionManager()->getException(
         ExceptionManagerInterface::AUTHENTICATE,
         ExceptionManagerInterface::ACCESS_DENIED,
         'OAuth2 authentication required',
         $schemes
     );

     $psrResponse = new Response();
     $exception->getHttpResponse($psrResponse);

     return (new HttpFoundationFactory())->createResponse($psrResponse);
 }
 /**
  * A request whose X-Hub-Signature header matches the HMAC-SHA1 of its body
  * under the shared secret is passed to the next kernel exactly once, and
  * the kernel's response is returned.
  *
  * 'my_secret' is a test fixture value. NOTE(review): the signature
  * comparison inside GitHubWebHook is not visible from this test; it should
  * be a constant-time comparison (hash_equals()).
  */
 public function testValidRequestShouldBeHandledByTheNextMiddleware()
 {
     $payload = '{"content": "This is the content"}';
     $incomingRequest = Request::create('http://localhost/', 'GET', [], [], [], [], $payload);
     $signature = hash_hmac('sha1', $payload, 'my_secret');
     $incomingRequest->headers->set('X-Hub-Signature', sprintf('sha1=%s', $signature));

     // The expected request and response are round-tripped through PSR-7 and
     // back before being compared.
     $psrFactory = new DiactorosFactory();
     $foundationFactory = new HttpFoundationFactory();
     $expectedRequest = $foundationFactory->createRequest($psrFactory->createRequest($incomingRequest));

     $kernelResponse = new Response('OK');
     $expectedResponse = $foundationFactory->createResponse($psrFactory->createResponse($kernelResponse));

     $nextKernel = $this->prophesize('Symfony\\Component\\HttpKernel\\HttpKernelInterface');
     $nextKernel->handle($expectedRequest)->shouldBeCalledTimes(1)->willReturn($kernelResponse);

     $middleware = new GitHubWebHook($nextKernel->reveal(), 'my_secret');
     $actualResponse = $middleware->handle($incomingRequest);

     $this->assertEquals($expectedResponse, $actualResponse);
 }
Пример #9
 /**
  * Signs the outgoing response of a master request when the request carries
  * an 'hmac.key' attribute.
  *
  * Request and response are converted to PSR-7, the response is signed by a
  * ResponseSigner built from the key and the request, and the signed
  * response replaces the event's response. Sub-requests and requests without
  * the attribute are left untouched.
  *
  * NOTE(review): the signing key is read from the request attribute bag,
  * presumably filled by an earlier authentication step. Confirm that nothing
  * copies client-supplied input into 'hmac.key'.
  *
  * @param FilterResponseEvent $event
  */
 public function onKernelResponse(FilterResponseEvent $event)
 {
     if (!$event->isMasterRequest()) {
         return;
     }

     $request = $event->getRequest();
     $response = $event->getResponse();
     if (!$request->attributes->has('hmac.key')) {
         return;
     }

     $psr7Factory = new DiactorosFactory();
     $foundationFactory = new HttpFoundationFactory();
     $psr7Request = $psr7Factory->createRequest($request);
     $psr7Response = $psr7Factory->createResponse($response);

     $hmacKey = $request->attributes->get('hmac.key');
     $responseSigner = new ResponseSigner($hmacKey, $psr7Request);
     $signedResponse = $responseSigner->signResponse($psr7Response);

     $event->setResponse($foundationFactory->createResponse($signedResponse));
 }
 /**
  * Processes the submitted consent form and forwards the resource owner's
  * decision to the authorization endpoint.
  *
  * Returns false for anything other than a POST and for an invalid form.
  * Otherwise the state of the "accept" button becomes the authorization's
  * authorized flag and the endpoint's authorize() is called with the
  * response.
  *
  * NOTE(review): the success path has no return statement, so it yields
  * null, which is as falsy as the two failure returns - confirm callers do
  * not rely on the return value to detect success.
  *
  * @param FormInterface          $form
  * @param ServerRequestInterface $request
  * @param ResponseInterface      $response      passed by reference on to authorize()
  * @param Authorization          $authorization
  *
  * @return false|null false when the request is not a valid POST submission
  *
  * @throws InvalidArgumentException when the form has no clickable "accept" button
  */
 public function handle(FormInterface $form, ServerRequestInterface $request, ResponseInterface &$response, Authorization $authorization)
 {
     // Consent can only be given through a POST submission.
     if ('POST' !== $request->getMethod()) {
         return false;
     }

     $symfonyRequest = (new HttpFoundationFactory())->createRequest($request);
     $form->submit($symfonyRequest);
     if (!$form->isValid()) {
         return false;
     }

     $acceptButton = $form->get('accept');
     if (!$acceptButton instanceof ClickableInterface) {
         throw new InvalidArgumentException('Unable to find the button named "accept".');
     }

     // Authorized only if the resource owner actually clicked "accept".
     $isAccepted = $acceptButton->isClicked();
     $authorization->setAuthorized($isAccepted);
     $this->endpoint->authorize($authorization, $response);
 }
 /**
  * Processes the submitted consent form and applies the resource owner's
  * decision to the authorization.
  *
  * The state of the "accept" button becomes the authorized flag, and every
  * scope present on the authorization but absent from the submitted model is
  * removed. The submission can therefore only narrow the requested scopes:
  * a scope that appears in the model alone is never added.
  *
  * @param \Symfony\Component\Form\FormInterface                                                                $form
  * @param \Psr\Http\Message\ServerRequestInterface                                                             $request
  * @param \OAuth2\Endpoint\Authorization\AuthorizationInterface                                                $authorization
  * @param \SpomkyLabs\OAuth2ServerBundle\Plugin\AuthorizationEndpointPlugin\Form\Model\AuthorizationModel      $authorization_model
  *
  * @return bool false unless the request is a valid POST submission
  *
  * @throws InvalidArgumentException when the form has no clickable "accept" button
  */
 public function handle(FormInterface $form, ServerRequestInterface $request, AuthorizationInterface $authorization, AuthorizationModel $authorization_model)
 {
     // Consent can only be given through a POST submission.
     if ('POST' !== $request->getMethod()) {
         return false;
     }

     $symfonyRequest = (new HttpFoundationFactory())->createRequest($request);
     // Only the values submitted under the form's own name are bound.
     $submittedData = $symfonyRequest->get($form->getName());
     $form->submit($submittedData);
     if (!$form->isValid()) {
         return false;
     }

     $acceptButton = $form->get('accept');
     if (!$acceptButton instanceof ClickableInterface) {
         throw new InvalidArgumentException('Unable to find the button named "accept".');
     }
     $authorization->setAuthorized($acceptButton->isClicked());

     // Drop the scopes the resource owner did not keep.
     $requestedScopes = $authorization->getScopes();
     $keptScopes = $authorization_model->getScopes();
     foreach (array_diff($requestedScopes, $keptScopes) as $refusedScope) {
         $authorization->removeScope($refusedScope);
     }

     return true;
 }
 /**
  * Replaces the event's controller with one that answers with the HTTP
  * response of the given OAuth2 exception, so the originally resolved
  * controller is not the one set on the event any more.
  *
  * @param \Symfony\Component\HttpKernel\Event\FilterControllerEvent $event
  * @param \OAuth2\Exception\BaseExceptionInterface                  $exception
  */
 private function updateFilterControllerEvent(FilterControllerEvent &$event, BaseExceptionInterface $exception)
 {
     $errorController = function () use ($exception) {
         $psrResponse = new Response();
         $exception->getHttpResponse($psrResponse);
         // Rewind the body stream before the response is converted.
         $psrResponse->getBody()->rewind();

         return (new HttpFoundationFactory())->createResponse($psrResponse);
     };

     $event->setController($errorController);
 }
 /**
  * Create scope controllers.
  *
  * Loads the configuration, then for every scope manifest registers one
  * Silex route per entry of the manifest's 'routes' list and mounts the
  * resulting controller collection under the manifest's 'mount' prefix.
  * Each route handler builds the scope controller, executes the configured
  * call and converts its PSR-7 response to an HttpFoundation response.
  *
  * NOTE(review): the HTTP method, the controller class name and the invoked
  * call are all taken from manifest values and dispatched dynamically.
  * Manifests therefore have to be trusted, deploy-time configuration -
  * confirm they can never be written or influenced by users.
  */
 public function createScopeControllers()
 {
     $this->configLoader->load();
     $silex = $this->silex;
     $manifests = $this->configLoader->getManifests();
     foreach ($manifests as $scope => $manifest) {
         /** @var ControllerCollection $controllers_factory */
         $controllers_factory = $this->silex['controllers_factory'];
         foreach ($manifest['routes'] as $http_method => $route) {
             $scope_path = $this->configLoader->getPath();
             // The route key is used as the method name called on the
             // controller collection (dynamic method call).
             /** @var Controller $routeController */
             $routeController = $controllers_factory->{$http_method}($route['route'], function (Request $request) use($silex, $scope, $manifest, $route, $scope_path) {
                 // Scope container: copy the shared services that are
                 // registered on the application into the scope's container.
                 $scope_container = $silex['scopes'][$scope];
                 if (isset($silex['translator'])) {
                     $scope_container['translator'] = $silex['translator'];
                 }
                 if (isset($silex['url_generator'])) {
                     $scope_container['url_generator'] = $silex['url_generator'];
                 }
                 if (isset($silex['log_factory'])) {
                     $scope_container['log_factory'] = $silex['log_factory'];
                 }
                 if (isset($silex['predis'])) {
                     $scope_container['predis'] = $silex['predis'];
                 }
                 $silex['scopes'][$scope] = $scope_container;
                 // Register the scope's own views directory with the Twig loader.
                 /** @var Twig_Loader_Filesystem $twig_loader_filesystem */
                 $twig_loader_filesystem = $silex['twig.loader.filesystem'];
                 $twig_loader_filesystem->prependPath($scope_path . '/' . $scope . '/views');
                 // Create request: HttpFoundation -> PSR-7
                 $psr7Factory = new DiactorosFactory();
                 $psrRequest = $psr7Factory->createRequest($request);
                 // The controller class name is assembled from the scope name
                 // and the route's 'controller' value, then instantiated
                 // through its static create() method.
                 /** @var AbstractScopeController $scope_controller */
                 $namespace_controller = $this->scope_namespace . implode('\\', [$scope, 'controller', ucfirst($route['controller']) . 'Controller']);
                 $scope_controller = $namespace_controller::create($manifest, $silex['scopes'][$scope], $psrRequest, $this->base_namespace);
                 $scope_controller->setTwig($silex['twig']);
                 $psrResponse = $scope_controller->execute($route['call']);
                 // Create response: PSR-7 -> HttpFoundation
                 $httpFoundationFactory = new HttpFoundationFactory();
                 $symfonyResponse = $httpFoundationFactory->createResponse($psrResponse);
                 return $symfonyResponse;
             });
             // Filter: each configured filter runs before the route handler.
             // NOTE(review): 'filter' is read without isset(); a route that
             // omits the key raises an undefined-index notice here.
             if (is_array($route['filter'])) {
                 foreach ($route['filter'] as $filter) {
                     $routeController->before($this->silex['filter_factory']->createFilter($scope, $filter));
                 }
             }
             // Bind: the route name is "<controller>::<call>".
             $routeController->bind(implode('::', [$route['controller'], $route['call']]));
         }
         $this->silex->mount($manifest['mount'], $controllers_factory);
     }
 }
 /**
  * Replaces the event's controller with one that answers with an OAuth2
  * "access denied" authentication error.
  *
  * The scheme parameters of every registered access token type are
  * collected; when $scope is not empty, each parameter set additionally gets
  * a space-separated 'scope' entry. The exception built from them writes
  * itself into the response returned by the replacement controller.
  *
  * @param \Symfony\Component\HttpKernel\Event\FilterControllerEvent $event
  * @param string                                                    $message
  * @param null|string[]                                             $scope
  */
 private function createAuthenticationException(FilterControllerEvent &$event, $message, $scope)
 {
     $schemes = ['schemes' => []];
     foreach ($this->getAccessTokenTypeManager()->getAccessTokenTypes() as $tokenType) {
         $schemeParameters = $tokenType->getSchemeParameters();
         if (empty($schemeParameters)) {
             // Token types without scheme parameters contribute nothing.
             continue;
         }

         if (!empty($scope)) {
             // Attach the required scopes to every parameter set of this type.
             $scopeEntry = ['scope' => implode(' ', $scope)];
             foreach ($schemeParameters as $id => $unused) {
                 $schemeParameters[$id] = array_merge($schemeParameters[$id], $scopeEntry);
             }
         }

         $schemes['schemes'] = array_merge($schemes['schemes'], $schemeParameters);
     }

     $exception = $this->getExceptionManager()->getException(
         ExceptionManagerInterface::AUTHENTICATE,
         ExceptionManagerInterface::ACCESS_DENIED,
         $message,
         $schemes
     );

     $errorController = function () use ($exception) {
         $psrResponse = new Response();
         $exception->getHttpResponse($psrResponse);
         // Rewind the body stream before the response is converted.
         $psrResponse->getBody()->rewind();

         return (new HttpFoundationFactory())->createResponse($psrResponse);
     };

     $event->setController($errorController);
 }