/**
* Get the content for the signature from the given request
*
* @param \TYPO3\Flow\Http\Request $httpRequest
* @return string
*/
public function getSignatureContent(\TYPO3\Flow\Http\Request $httpRequest)
{
$date = $httpRequest->getHeader('Date');
$dateValue = $date instanceof \DateTime ? $date->format(DATE_RFC2822) : '';
$signData = $httpRequest->getMethod() . chr(10) . sha1($httpRequest->getContent()) . chr(10) . $httpRequest->getHeader('Content-Type') . chr(10) . $dateValue . chr(10) . $httpRequest->getUri();
return $signData;
}
/**
* @return string
* @throws \TYPO3\Flow\Security\Exception\InvalidArgumentForHashGenerationException
*/
public function getJWTToken()
{
/** @var \TYPO3\Flow\Security\Account $account */
$account = $this->securityContext->getAccount();
$this->apiToken = $this->securityContext->getAuthenticationTokensOfType('RFY\\JWT\\Security\\Authentication\\Token\\JwtToken')[0];
if ($account->getAuthenticationProviderName() !== $this->apiToken->getAuthenticationProviderName()) {
// TODO: Currently you can get only 1 tokenAccount because of the duplication restraint based on accountIdentifier & AuthenticationProviderName
$account = $this->accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($account->getAccountIdentifier(), $this->apiToken->getAuthenticationProviderName());
if ($account === NULL) {
$account = $this->generateTokenAccount();
}
}
$payload = array();
$payload['identifier'] = $account->getAccountIdentifier();
$payload['partyIdentifier'] = $this->persistenceManager->getIdentifierByObject($account->getParty());
$payload['user_agent'] = $this->request->getHeader('User-Agent');
$payload['ip_address'] = $this->request->getClientIpAddress();
if ($account->getCreationDate() instanceof \DateTime) {
$payload['creationDate'] = $account->getCreationDate()->getTimestamp();
}
if ($account->getExpirationDate() instanceof \DateTime) {
$payload['expirationDate'] = $account->getExpirationDate()->getTimestamp();
}
// Add hmac
$hmac = $this->hashService->generateHmac($this->signature);
return JWT::encode($payload, $hmac);
}
/**
* Get the values of trusted proxy header.
*
* @param string $type One of the HEADER_* constants
* @param Request $request The request to get the trusted proxy header from
* @return \Iterator An array of the values for this header type or NULL if this header type should not be trusted
*/
protected function getTrustedProxyHeaderValues($type, Request $request)
{
$trustedHeaders = isset($this->settings['headers'][$type]) ? $this->settings['headers'][$type] : '';
if ($trustedHeaders === '' || !$request->getAttribute(Request::ATTRIBUTE_TRUSTED_PROXY)) {
(yield null);
return;
}
$trustedHeaders = array_map('trim', explode(',', $trustedHeaders));
foreach ($trustedHeaders as $trustedHeader) {
if ($request->hasHeader($trustedHeader)) {
(yield array_map('trim', explode(',', $request->getHeader($trustedHeader))));
}
}
(yield null);
}
/**
* Sends the given HTTP request
*
* @param \TYPO3\Flow\Http\Request $request
* @return \TYPO3\Flow\Http\Response The response or FALSE
* @api
* @throws \TYPO3\Flow\Http\Exception
* @throws CurlEngineException
*/
public function sendRequest(Request $request)
{
if (!extension_loaded('curl')) {
throw new \TYPO3\Flow\Http\Exception('CurlEngine requires the PHP CURL extension to be installed and loaded.', 1346319808);
}
$requestUri = $request->getUri();
$curlHandle = curl_init((string) $requestUri);
curl_setopt_array($curlHandle, $this->options);
// Send an empty Expect header in order to avoid chunked data transfer (which we can't handle yet).
// If we don't set this, cURL will set "Expect: 100-continue" for requests larger than 1024 bytes.
curl_setopt($curlHandle, CURLOPT_HTTPHEADER, array('Expect:'));
// If the content is a stream resource, use cURL's INFILE feature to stream it
$content = $request->getContent();
if (is_resource($content)) {
curl_setopt_array($curlHandle, array(CURLOPT_INFILE => $content, CURLOPT_INFILESIZE => $request->getHeader('Content-Length')));
}
switch ($request->getMethod()) {
case 'GET':
if ($request->getContent()) {
// workaround because else the request would implicitly fall into POST:
curl_setopt($curlHandle, CURLOPT_CUSTOMREQUEST, 'GET');
if (!is_resource($content)) {
curl_setopt($curlHandle, CURLOPT_POSTFIELDS, $content);
}
}
break;
case 'POST':
curl_setopt($curlHandle, CURLOPT_POST, TRUE);
if (!is_resource($content)) {
$body = $content !== '' ? $content : http_build_query($request->getArguments());
curl_setopt($curlHandle, CURLOPT_POSTFIELDS, $body);
}
break;
case 'PUT':
curl_setopt($curlHandle, CURLOPT_PUT, TRUE);
if (!is_resource($content) && $content !== '') {
$inFileHandler = fopen('php://temp', 'r+');
fwrite($inFileHandler, $request->getContent());
rewind($inFileHandler);
curl_setopt_array($curlHandle, array(CURLOPT_INFILE => $inFileHandler, CURLOPT_INFILESIZE => strlen($request->getContent())));
}
break;
default:
if (!is_resource($content)) {
$body = $content !== '' ? $content : http_build_query($request->getArguments());
curl_setopt($curlHandle, CURLOPT_POSTFIELDS, $body);
}
curl_setopt($curlHandle, CURLOPT_CUSTOMREQUEST, $request->getMethod());
}
$preparedHeaders = array();
foreach ($request->getHeaders()->getAll() as $fieldName => $values) {
foreach ($values as $value) {
$preparedHeaders[] = $fieldName . ': ' . $value;
}
}
curl_setopt($curlHandle, CURLOPT_HTTPHEADER, $preparedHeaders);
// curl_setopt($curlHandle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP && CURLPROTO_HTTPS);
// CURLOPT_UPLOAD
if ($requestUri->getPort() !== NULL) {
curl_setopt($curlHandle, CURLOPT_PORT, $requestUri->getPort());
}
// CURLOPT_COOKIE
$curlResult = curl_exec($curlHandle);
if ($curlResult === FALSE) {
throw new CurlEngineException(sprintf('cURL reported error code %s with message "%s". Last requested URL was "%s" (%s).', curl_errno($curlHandle), curl_error($curlHandle), curl_getinfo($curlHandle, CURLINFO_EFFECTIVE_URL), $request->getMethod()), 1338906040);
} elseif (strlen($curlResult) === 0) {
return FALSE;
}
curl_close($curlHandle);
$response = Response::createFromRaw($curlResult);
if ($response->getStatusCode() === 100) {
$response = Response::createFromRaw($response->getContent(), $response);
}
return $response;
}
/**
* Analyzes this response, considering the given request and makes additions
* or removes certain headers in order to make the response compliant to
* RFC 2616 and related standards.
*
* It is recommended to call this method before the response is sent and Flow
* does so by default in its built-in HTTP request handler.
*
* @param \TYPO3\Flow\Http\Request $request The corresponding request
* @return void
* @api
*/
public function makeStandardsCompliant(Request $request)
{
if ($request->hasHeader('If-Modified-Since') && $this->headers->has('Last-Modified') && $this->statusCode === 200) {
$ifModifiedSinceDate = $request->getHeader('If-Modified-Since');
$lastModifiedDate = $this->headers->get('Last-Modified');
if ($lastModifiedDate <= $ifModifiedSinceDate) {
$this->setStatus(304);
$this->content = '';
}
} elseif ($request->hasHeader('If-Unmodified-Since') && $this->headers->has('Last-Modified') && ($this->statusCode >= 200 && $this->statusCode <= 299 || $this->statusCode === 412)) {
$unmodifiedSinceDate = $request->getHeader('If-Unmodified-Since');
$lastModifiedDate = $this->headers->get('Last-Modified');
if ($lastModifiedDate > $unmodifiedSinceDate) {
$this->setStatus(412);
}
}
if (in_array($this->statusCode, array(100, 101, 204, 304))) {
$this->content = '';
}
if ($this->headers->getCacheControlDirective('no-cache') !== NULL || $this->headers->has('Expires')) {
$this->headers->removeCacheControlDirective('max-age');
}
if ($request->getMethod() === 'HEAD') {
if (!$this->headers->has('Content-Length')) {
$this->headers->set('Content-Length', strlen($this->content));
}
$this->content = '';
}
if (!$this->headers->has('Content-Length')) {
$this->headers->set('Content-Length', strlen($this->content));
}
if ($this->headers->has('Transfer-Encoding')) {
$this->headers->remove('Content-Length');
}
}
/**
* @param HttpRequest $httpRequest
* @param array $routingMatchResults
* @return array
*/
protected function mergeArguments(HttpRequest $httpRequest, array $routingMatchResults = NULL)
{
// HTTP body arguments
$this->propertyMappingConfiguration->setTypeConverterOption(\TYPO3\Flow\Property\TypeConverter\MediaTypeConverterInterface::class, MediaTypeConverterInterface::CONFIGURATION_MEDIA_TYPE, $httpRequest->getHeader('Content-Type'));
$arguments = $this->propertyMapper->convert($httpRequest->getContent(), 'array', $this->propertyMappingConfiguration);
// HTTP arguments (e.g. GET parameters)
$arguments = Arrays::arrayMergeRecursiveOverrule($httpRequest->getArguments(), $arguments);
// Routing results
if ($routingMatchResults !== NULL) {
$arguments = Arrays::arrayMergeRecursiveOverrule($arguments, $routingMatchResults);
}
return $arguments;
}
/**
* Parses the request body according to the media type.
*
* @param HttpRequest $httpRequest
* @return array
*/
protected function parseRequestBody(HttpRequest $httpRequest)
{
$requestBody = $httpRequest->getContent();
if ($requestBody === null || $requestBody === '') {
return [];
}
$mediaTypeConverter = $this->objectManager->get(MediaTypeConverterInterface::class);
$propertyMappingConfiguration = new PropertyMappingConfiguration();
$propertyMappingConfiguration->setTypeConverter($mediaTypeConverter);
$propertyMappingConfiguration->setTypeConverterOption(MediaTypeConverterInterface::class, MediaTypeConverterInterface::CONFIGURATION_MEDIA_TYPE, $httpRequest->getHeader('Content-Type'));
$arguments = $this->propertyMapper->convert($requestBody, 'array', $propertyMappingConfiguration);
return $arguments;
}
