/** * Extracts the WidgetContext from the given $httpRequest. * If the request contains an argument "__widgetId" the context is fetched from the session (AjaxWidgetContextHolder). * Otherwise the argument "__widgetContext" is expected to contain the serialized WidgetContext (protected by a HMAC suffix) * * @param Request $httpRequest * @return WidgetContext */ protected function extractWidgetContext(Request $httpRequest) { if ($httpRequest->hasArgument('__widgetId')) { return $this->ajaxWidgetContextHolder->get($httpRequest->getArgument('__widgetId')); } elseif ($httpRequest->hasArgument('__widgetContext')) { $serializedWidgetContextWithHmac = $httpRequest->getArgument('__widgetContext'); $serializedWidgetContext = $this->hashService->validateAndStripHmac($serializedWidgetContextWithHmac); return unserialize(base64_decode($serializedWidgetContext)); } return null; }
/** * Builds a widget request object from the raw HTTP information * * @return \TYPO3\Fluid\Core\Widget\WidgetRequest The widget request as an object */ public function build() { $request = $this->objectManager->create('TYPO3\\Fluid\\Core\\Widget\\WidgetRequest'); $request->setRequestURI(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL')); $request->setBaseURI(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL')); $request->setMethod(isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : NULL); if (strtolower($_SERVER['REQUEST_METHOD']) === 'post') { $request->setArguments(\TYPO3\CMS\Core\Utility\GeneralUtility::_POST()); } else { $request->setArguments(\TYPO3\CMS\Core\Utility\GeneralUtility::_GET()); } $rawGetArguments = \TYPO3\CMS\Core\Utility\GeneralUtility::_GET(); // TODO: rename to @action, to be consistent with normal naming? if (isset($rawGetArguments['action'])) { $request->setControllerActionName($rawGetArguments['action']); } $widgetContext = $this->ajaxWidgetContextHolder->get($rawGetArguments['fluid-widget-id']); $request->setWidgetContext($widgetContext); return $request; }
/** * An advice which intercepts the original route() method if a widget AJAX request * was identified. * * If the HTTP request contains an argument hinting on an AJAX request directed * to a widget, this method will create a matching ActionRequest rather than * invoking the whole routing mechanism. * * @Flow\Around("method(TYPO3\Flow\Mvc\Routing\Router->route())") * @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint * @return \TYPO3\Flow\Mvc\ActionRequest */ public function routeAjaxWidgetRequestAdvice(JoinPointInterface $joinPoint) { $httpRequest = $joinPoint->getMethodArgument('httpRequest'); if ($httpRequest->hasArgument('__widgetId') || $httpRequest->hasArgument('__widgetContext')) { $actionRequest = $httpRequest->createActionRequest(); $widgetId = $actionRequest->getInternalArgument('__widgetId'); if ($widgetId !== NULL) { $widgetContext = $this->ajaxWidgetContextHolder->get($widgetId); } else { $serializedWidgetContextWithHmac = $actionRequest->getInternalArgument('__widgetContext'); $serializedWidgetContext = $this->hashService->validateAndStripHmac($serializedWidgetContextWithHmac); $widgetContext = unserialize($serializedWidgetContext); } $actionRequest->setArgument('__widgetContext', $widgetContext); $actionRequest->setControllerObjectName($widgetContext->getControllerObjectName()); return $actionRequest; } else { return $joinPoint->getAdviceChain()->proceed($joinPoint); } }