/**
* This method is called to process any request and dispatches
* it to on of the do* -methods of the scriptlet. It will also
* call the `doCreateSession()` method if necessary.
*
* @param scriptlet.HttpScriptletRequest request
* @param scriptlet.HttpScriptletResponse response
* @throws scriptlet.ScriptletException indicating fatal errors
*/
public function service(HttpScriptletRequest $request, HttpScriptletResponse $response)
{
$host = $request->getHeader('X-Forwarded-Host', $request->getEnvValue('HTTP_HOST'));
$request->setURL($this->_url(('on' == $request->getEnvValue('HTTPS') ? 'https' : 'http') . '://' . substr($host, 0, strcspn($host, ',')) . $request->getEnvValue('REQUEST_URI')));
// Check if this method can be handled. In case it can't, throw a
// ScriptletException with the HTTP status code 501 ("Method not
// implemented"). The request object will already have all headers
// and the request method set when this method is called.
if (!($method = $this->handleMethod($request))) {
throw new ScriptletException('HTTP method "' . $request->method . '" not supported', HttpConstants::STATUS_METHOD_NOT_IMPLEMENTED);
}
// Call the request's initialization method
$request->initialize();
// Create response object. Answer with the same protocol version that the
// user agent sends us with the request. The only versions we should be
// getting are 1.0 (some proxies or do this) or 1.1 (any current browser).
// Answer with a "HTTP Version Not Supported" statuscode (#505) for any
// other protocol version.
$response->setURI($request->getURL());
if (2 != sscanf($proto = $request->getEnvValue('SERVER_PROTOCOL'), 'HTTP/%[1].%[01]', $major, $minor)) {
throw new ScriptletException('Unsupported HTTP protocol version "' . $proto . '" - expected HTTP/1.0 or HTTP/1.1', HttpConstants::STATUS_HTTP_VERSION_NOT_SUPPORTED);
}
$response->version = '1.' . $minor;
// Check if a session is present. This is either the case when a session
// is already in the URL or if the scriptlet explicetly states it needs
// one (by returning TRUE from needsSession()).
if ($this->needsSession($request) || $request->getSessionId()) {
$request->setSession($this->_session());
$valid = false;
try {
$this->handleSessionInitialization($request);
$valid = $request->session->isValid();
} catch (\lang\XPException $e) {
// Check if session initialization errors can be handled gracefully
// (default: no). If not, throw a HttpSessionInvalidException with
// the HTTP status code 503 ("Service temporarily unavailable").
if (!$this->handleSessionInitializationError($request, $response)) {
throw new HttpSessionInvalidException('Session initialization failed: ' . $e->getMessage(), HttpConstants::STATUS_SERVICE_TEMPORARILY_UNAVAILABLE, $e);
}
// Fall through, otherwise
}
// Check if invalid sessions can be handled gracefully (default: no).
// If not, throw a HttpSessionInvalidException with the HTTP status
// code 400 ("Bad request").
if (!$valid) {
if (!$this->handleInvalidSession($request, $response)) {
throw new HttpSessionInvalidException('Session is invalid', HttpConstants::STATUS_BAD_REQUEST);
}
// Fall through, otherwise
}
// Call doCreateSession() in case the session is new
if ($request->session->isNew()) {
$method = 'doCreateSession';
}
}
// If this scriptlet has an authenticator, run its authenticate()
// method. This method may return FALSE to indicate no further
// processing is to be done (e.g., in case it redirects to a login
// site). Exceptions thrown are wrapped in a ScriptletException
// with status code 403 ("Forbidden").
if ($auth = $this->getAuthenticator($request)) {
array_unshift($this->filters, new AuthenticationFilter($auth));
}
// Call method handler and, in case the method handler returns anything
// else than FALSE, the response processor. Exceptions thrown from any of
// the two methods will result in a ScriptletException with the HTTP
// status code 500 ("Internal Server Error") being thrown.
try {
$r = (new Invocation([$this, $method], $this->filters))->proceed($request, $response);
if (false !== $r) {
$response->process();
}
} catch (ScriptletException $e) {
throw $e;
} catch (\lang\SystemExit $e) {
throw $e;
} catch (\Exception $e) {
// PHP 5
throw new ScriptletException('Request processing failed [' . $method . ']: ' . $e->getMessage(), HttpConstants::STATUS_INTERNAL_SERVER_ERROR, $e);
} catch (\Throwable $e) {
// PHP 7
throw new ScriptletException('Request processing failed [' . $method . ']: ' . $e->getMessage(), HttpConstants::STATUS_INTERNAL_SERVER_ERROR, $e);
}
}
/**
* Overwritten method from parent class
*
* @param string content Content
* @throws lang.IllegalAccessException
*/
public function setContent($content)
{
if ($this->_processed) {
throw new \lang\IllegalAccessException('Cannot write directly');
}
parent::setContent($content);
}
