/** * Run Controller * * @param ServerRequestInterface $request PSR7 Request object * @param ResponseInterface $response PSR7 Response object * @param array $args Request arguments * @return ResponseInterface */ public function dispatch(Request $request, Response $response, $args) { $netid = $request->getHeaderLine('AUTH_PRINCIPAL'); $eppa = $request->getHeaderLine('AUTH_ATTR_EDUPERSONPRIMARYAFFILIATION'); $albumID = $args['album_id'] ?? $request->getQueryParams()['album'] ?? 1; $view_attr = ['page_title' => 'SlimSkeleton | Example', 'username' => $netid, 'eppa' => $eppa, 'data' => $this->service->getPhotos($albumID)]; return $this->view->render($response, 'example.html', $view_attr); }
public function parseHttpRequest(ServerHttpRequest $httpRequest, array $attributes) : RequestInterface { $rpHelper = new HttpRequestParserHelper($httpRequest); $validator = $rpHelper->getValidator(); $validator->required('token')->uuid(); $validator->required('pass_code')->length(40); return new Request(self::MESSAGE, $rpHelper->filterAndValidate(['token' => $httpRequest->getHeaderLine('Authentication-Token'), 'pass_code' => $httpRequest->getHeaderLine('Authentication-Pass-Code')]), $httpRequest); }
public function it_can_parse_a_HttpRequest(ServerRequestInterface $httpRequest) { $token = Uuid::uuid4()->toString(); $passCode = bin2hex(random_bytes(20)); $httpRequest->getHeaderLine('Accept')->shouldBeCalled(); $httpRequest->getHeaderLine('Authentication-Token')->willReturn($token); $httpRequest->getHeaderLine('Authentication-Pass-Code')->willReturn($passCode); $request = $this->parseHttpRequest($httpRequest, []); $request->shouldHaveType(RequestInterface::class); $request->getRequestName()->shouldReturn(RefreshTokenHandler::MESSAGE); $request['token']->shouldBe($token); $request['pass_code']->shouldBe($passCode); }
/** * {@inheritdoc} * * @throws \RuntimeException */ public function isExcluded(ServerRequestInterface $request) { if (!count($this->headers)) { throw new \RuntimeException('No headers defined in header excluder'); } foreach ($this->headers as $header => $value) { if ($value === null && $request->hasHeader($header)) { return true; } elseif ($value !== null && (trim($value) === $request->getHeaderLine($header) || @preg_match(trim($value), $request->getHeaderLine($header)))) { return true; } } return false; }
/** * attempt to build up a request from a PSR-7 compatible request * * @param ServerRequestInterface $request * @return Request */ public static function fromPsrRequest(ServerRequestInterface $request) { $url = (string) $request->getUri(); $httpMethod = $request->getMethod(); // Let's find the parameters relevant to this request $parameters = (array) $request->getParsedBody() + $request->getQueryParams(); // We have a Authorization-header with OAuth data. Parse the header // and add those overriding any duplicates from GET or POST if (substr($request->getHeaderLine('Authorization'), 0, 6) == 'OAuth ') { $header_parameters = Util::splitHeader($request->getHeaderLine('Authorization')); $parameters = array_merge($parameters, $header_parameters); } return new Request($httpMethod, $url, $parameters); }
private function isAllowed(RequestInterface $request, ServerHttpRequest $httpRequest) { if (in_array($request->getRequestName(), $this->publicMessageNames, true)) { return true; } try { $this->tokenService->getToken(Uuid::fromString($httpRequest->getHeaderLine('Authentication-Token')), $httpRequest->getHeaderLine('Authentication-Pass-Code')); return true; } catch (\Throwable $exception) { if (!$exception instanceof AuthException) { $this->log(LogLevel::ERROR, $exception->getMessage()); } return false; } }
public function __invoke(Request $req, Response $res, $args = []) { $vaultName = $args['vaultName']; if (!($vault = Vault::get($vaultName))) { return $res->withStatus(404); } if (!($partSize = $req->getHeaderLine('x-amz-part-size'))) { return $res->withStatus(400)->write('Part size missing.'); } if (!($desc = $req->getHeaderLine('x-amz-archive-description'))) { $desc = ''; } $m = $vault->createMultipart($partSize, $desc); return $res->withStatus(201)->withHeader('x-amz-multipart-upload-id', $m->getId()); }
/** * Invoking the middleware * * @param ServerRequestInterface $request * @param ResponseInterface $response * @param callable $next * @return ResponseInterface $response * @throws InternalServerError * @throws UnsupportedMediaType */ public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null) { // Make sure we have deserializers if (!isset($this->container['contentTypes'])) { throw new InternalServerError('No serializers seems to be configured'); } // Make sure we have a content type header to work with if ($request->hasHeader('Content-Type')) { // Get the content of the header $header = $request->getHeaderLine('Content-Type'); // Make sure the header value isn't empty if (!empty($header)) { // Get priorities $supported = $this->container['contentTypes']; // Remove included parts that aren't part of the RFC $header = preg_replace('/(;[a-z]*=[a-z0-9\\-]*)/i', '', $header); // Replace the original header value $request = $request->withHeader('Content-Type', $header); // Check if the content type is supported if (!in_array($header, $supported)) { // The content type isn't supported throw new UnsupportedMediaType('Can not handle the supplied content type. Supported types are ' . implode(', ', $supported)); } } } // Call next middleware return $next($request, $response, $next); }
/** * @param Request $request * @return Request */ protected function logIn(Request $request) { $header = $request->getHeaderLine('authorization'); $parts = explode(';', $header); $actor = new Guest(); if (isset($parts[0]) && starts_with($parts[0], $this->prefix)) { $token = substr($parts[0], strlen($this->prefix)); if (($accessToken = AccessToken::find($token)) && $accessToken->isValid()) { $actor = $accessToken->user; $actor->updateLastSeen()->save(); } elseif (isset($parts[1]) && ($apiKey = ApiKey::valid($token))) { $userParts = explode('=', trim($parts[1])); if (isset($userParts[0]) && $userParts[0] === 'userId') { $actor = User::find($userParts[1]); } } } if ($actor->exists) { $locale = $actor->getPreference('locale'); } else { $locale = array_get($request->getCookieParams(), 'locale'); } if ($locale && $this->locales->hasLocale($locale)) { $this->locales->setLocale($locale); } return $request->withAttribute('actor', $actor ?: new Guest()); }
public function it_errors_on_invalid_data_in_request(ServerRequestInterface $httpRequest) { $post = ['data' => ['type' => 'pages', 'attributes' => ['title' => 'Long title', 'slug' => 'long_title', 'short_title' => '', 'parent_uuid' => null, 'sort_order' => 42, 'status' => 'concept']]]; $httpRequest->getHeaderLine('Accept')->willReturn('application/json'); $httpRequest->getParsedBody()->willReturn($post); $this->shouldThrow(ValidationFailedException::class)->duringParseHttpRequest($httpRequest, []); }
/** * {@inheritdoc} */ public function __invoke(ServerRequestInterface $request, ResponseInterface $response, \Closure $next) { if ($request->getHeaderLine('Content-Type') == 'application/json') { $request = $request->withParsedBody(json_decode($request->getBody()->__toString(), true)); } return $next($request); }
/** * {@inheritdoc} */ public function __invoke(Request $request, Response $response, callable $out = null) { if (str_contains($request->getHeaderLine('content-type'), 'json')) { $input = json_decode($request->getBody(), true); $request = $request->withParsedBody($input ?: []); } return $out ? $out($request, $response) : $response; }
public function modify(ServerRequestInterface $request) : ServerRequestInterface { if (false === strpos($request->getHeaderLine('Content-Type'), 'application/json')) { return $request; } // TODO: Implement broken json handling return $request->withParsedBody(json_decode($request->getBody()->getContents(), $this->asAssociativeArray)); }
public function it_errors_on_invalid_uuid_when_parsing_request(ServerRequestInterface $httpRequest) { $post = ['data' => ['type' => 'pageBlocks', 'attributes' => ['type' => 'type', 'parameters' => ['thx' => 1138], 'location' => 'main', 'sort_order' => 42, 'status' => 'published']]]; $attributes = ['page_uuid' => 'nope']; $httpRequest->getHeaderLine('Accept')->willReturn('application/json'); $httpRequest->getParsedBody()->willReturn($post); $this->shouldThrow(ValidationFailedException::class)->duringParseHttpRequest($httpRequest, $attributes); }
/** * {@inheritdoc} */ public function __invoke(Request $request, Response $response, callable $out = null) { if ($request->getMethod() === 'POST' && $request->hasHeader(self::HEADER_NAME)) { $fakeMethod = $request->getHeaderLine(self::HEADER_NAME); $request = $request->withMethod(strtoupper($fakeMethod)); } return $out ? $out($request, $response) : $response; }
/** * Execute the middleware. * * @param ServerRequestInterface $request * @param ResponseInterface $response * @param callable $next * * @return ResponseInterface */ public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next) { $authorization = self::parseAuthorizationHeader($request->getHeaderLine('Authorization')); if ($authorization && $this->checkUserPassword($authorization['username'], $authorization['password'])) { return $next(Middleware::setAttribute($request, self::KEY, $authorization['username']), $response); } return $response->withStatus(401)->withHeader('WWW-Authenticate', 'Basic realm="' . $this->realm . '"'); }
/** * Check the not modified header. * * @param \Psr\Http\Message\ServerRequestInterface $request The request to check. * @param \Cake\Filesystem\File $file The file object to compare. * @return bool */ protected function isNotModified($request, $file) { $modifiedSince = $request->getHeaderLine('If-Modified-Since'); if (!$modifiedSince) { return false; } return strtotime($modifiedSince) === $file->lastChange(); }
/** * Retrieve request authentication information. * * @param ServerRequestInterface $request * * @return array */ protected function getAuth(ServerRequestInterface $request) { $authHeader = $request->getHeaderLine('Authorization'); if (preg_match('/^Basic /', $authHeader)) { $auth = explode(':', base64_decode(substr($authHeader, 6)), 2); return ['username' => $auth[0], 'password' => isset($auth[1]) ? $auth[1] : null]; } }
/** * Validate authorization token * @param Request $request * @return boolean */ private function isValid(Request $request) { $token = $request->getHeaderLine('authorization'); if ($token == 'pasando') { return true; } return false; }
public function it_will_error_on_invalid_request_data(ServerRequestInterface $httpRequest) { $uuid = Uuid::uuid4(); $post = ['data' => ['type' => 'pages', 'id' => $uuid->toString(), 'attributes' => ['title' => 'Long title ', 'slug' => 'long-title', 'short_title' => ' Title', 'sort_order' => 'joe', 'status' => 'nonsense']]]; $httpRequest->getHeaderLine('Accept')->willReturn('application/json'); $httpRequest->getParsedBody()->willReturn($post); $this->shouldThrow(ValidationFailedException::class)->duringParseHttpRequest($httpRequest, ['uuid' => $uuid->toString()]); }
public function modify(ServerRequestInterface $request) : ServerRequestInterface { if (false === strpos($request->getHeaderLine('Content-Type'), 'application/x-www-form-urlencoded')) { return $request; } parse_str($request->getBody()->getContents(), $parsedBody); return $request->withParsedBody($parsedBody); }
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next) { $referer = (string) parse_url($request->getHeaderLine('referer'), PHP_URL_HOST); $uri = (string) parse_url((string) $request->getUri(), PHP_URL_HOST); if ($referer && $referer != $uri) { throw new SecurityException("Unallowed referer {$referer}"); } return $next($request, $response); }
public function __invoke(Request $req, Response $res, $args = []) { $vaultName = $args['vaultName']; $multipartID = $args['multipartID']; if (!($vault = Vault::get($vaultName))) { return $res->withStatus(404); } if (!($m = $vault->getMultipart($multipartID))) { return $res->withStatus(404); } $treeHash = $req->getHeaderLine('x-amz-sha256-tree-hash'); $archiveSize = $req->getHeaderLine('x-amz-archive-size'); if (($a = $m->finalize($archiveSize, $treeHash)) === false) { return $res->withStatus(400)->write('Finalize failed'); } $vault->invalidateInventory(); return $res->withStatus(201)->withHeader('x-amz-archive-id', $a->getId()); }
/** * @param \Psr\Http\Message\ServerRequestInterface $request * @param \Psr\Http\Message\ResponseInterface $response * @param callable $next */ public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next) { if (!$request->getParsedBody() && in_array($request->getMethod(), ['POST', 'PUT', 'DELETE'], true)) { if ($request->getHeaderLine('Content-Type') === "application/json") { $request = $request->withParsedBody(json_decode((string) $request->getBody(), true)); } } return $next($request); }
/** * Parses request bodies based on content type * * @param Request $request * @param Response $response * @param callable $next * @return Response */ public function __invoke(Request $request, Response $response, callable $next) { $mime = strtolower($request->getHeaderLine('Content-Type')); if ($this->isApplicableMimeType($mime) && !$request->getParsedBody()) { $parsed = $this->getParsedBody((string) $request->getBody()); $request = $request->withParsedBody($parsed); } return $next($request, $response); }
public function enrichRequestWithParsedBody(ServerRequestInterface $request) { if ($request->hasHeader(HeaderName::CONTENT_TYPE) && $request->getHeaderLine(HeaderName::CONTENT_TYPE) === 'application/json') { $parsedBody = $this->serializer->deserialize($request->getBody()->__toString(), 'array', 'json'); return $request->withParsedBody($parsedBody); } else { return $request->withParsedBody([]); } }
public function __invoke(Request $request, Response $response, callable $next) : Response { $parent = $request->getOriginalRequest(); $parentUrl = str_replace('/thank-you', '', (string) $parent->getUri()); if (!$request->hasHeader('Referer') || !preg_match('#^' . $parentUrl . '#', $request->getHeaderLine('Referer'))) { return $response->withStatus(302)->withHeader('Location', $parentUrl); } return new HtmlResponse($this->template->render('contact::thankyou', [])); }
/** * Determine which content type we know about is wanted using Accept header * * @param ServerRequestInterface $request * @return string */ private function determineContentType(ServerRequestInterface $request) { $acceptHeader = $request->getHeaderLine('Accept'); $selectedContentTypes = array_intersect(explode(',', $acceptHeader), $this->knownContentTypes); if (count($selectedContentTypes)) { return $selectedContentTypes[0]; } return 'text/html'; }
/** * {@inheritdoc} */ public function __invoke(Request $request, Response $response, callable $out = null) { $header = $request->getHeaderLine('authorization'); if (starts_with($header, $this->prefix) && ($token = substr($header, strlen($this->prefix))) && ($accessToken = AccessToken::valid($token))) { $this->app->instance('flarum.actor', $user = $accessToken->user); $user->updateLastSeen()->save(); } return $out ? $out($request, $response) : $response; }
/** * Execute the middleware. * * @param ServerRequestInterface $request * @param ResponseInterface $response * @param callable $next * * @return ResponseInterface */ public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next) { $language = $this->negotiateHeader($request->getHeaderLine('Accept-Language'), new Negotiator(), $this->languages); if (empty($language)) { $language = isset($this->languages[0]) ? $this->languages[0] : null; } $request = Middleware::setAttribute($request, self::KEY, $language); return $next($request, $response); }