2011-06-20 06:08:46 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This file is part of the Symfony package.
|
|
|
|
*
|
|
|
|
* (c) Fabien Potencier <fabien@symfony.com>
|
|
|
|
*
|
|
|
|
* For the full copyright and license information, please view the LICENSE
|
|
|
|
* file that was distributed with this source code.
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace Symfony\Component\Security\Http;
|
|
|
|
|
2011-07-19 15:21:58 +01:00
|
|
|
use Symfony\Component\Security\Core\SecurityContextInterface;
|
|
|
|
|
2011-06-20 06:08:46 +01:00
|
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
|
|
use Symfony\Component\HttpFoundation\RedirectResponse;
|
2012-06-26 10:17:51 +01:00
|
|
|
use Symfony\Component\Routing\Matcher\UrlMatcherInterface;
|
2013-01-04 14:29:54 +00:00
|
|
|
use Symfony\Component\Routing\Matcher\RequestMatcherInterface;
|
2012-06-26 10:17:51 +01:00
|
|
|
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
2011-11-14 12:10:32 +00:00
|
|
|
use Symfony\Component\Routing\Exception\MethodNotAllowedException;
|
|
|
|
use Symfony\Component\Routing\Exception\ResourceNotFoundException;
|
2011-06-20 06:08:46 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Encapsulates the logic needed to create sub-requests, redirect the user, and match URLs.
|
|
|
|
*
|
|
|
|
* @author Fabien Potencier <fabien@symfony.com>
|
|
|
|
*/
|
|
|
|
class HttpUtils
|
|
|
|
{
|
2012-06-26 10:17:51 +01:00
|
|
|
private $urlGenerator;
|
|
|
|
private $urlMatcher;
|
2011-06-20 06:08:46 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Constructor.
|
|
|
|
*
|
2012-12-22 10:07:13 +00:00
|
|
|
* @param UrlGeneratorInterface $urlGenerator A UrlGeneratorInterface instance
|
|
|
|
* @param UrlMatcherInterface|RequestMatcherInterface $matcher The Url or Request matcher
|
2011-06-20 06:08:46 +01:00
|
|
|
*/
|
2012-12-22 10:07:13 +00:00
|
|
|
public function __construct(UrlGeneratorInterface $urlGenerator = null, $urlMatcher = null)
|
2011-06-20 06:08:46 +01:00
|
|
|
{
|
2012-06-26 10:17:51 +01:00
|
|
|
$this->urlGenerator = $urlGenerator;
|
2012-12-22 10:07:13 +00:00
|
|
|
if ($urlMatcher !== null && !$urlMatcher instanceof UrlMatcherInterface && !$urlMatcher instanceof RequestMatcherInterface) {
|
|
|
|
throw new \InvalidArgumentException('Matcher must either implement UrlMatcherInterface or RequestMatcherInterface.');
|
|
|
|
}
|
2012-06-26 10:17:51 +01:00
|
|
|
$this->urlMatcher = $urlMatcher;
|
2011-06-20 06:08:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Creates a redirect Response.
|
|
|
|
*
|
|
|
|
* @param Request $request A Request instance
|
|
|
|
* @param string $path A path (an absolute path (/foo), an absolute URL (http://...), or a route name (foo))
|
|
|
|
* @param integer $status The status code
|
|
|
|
*
|
|
|
|
* @return Response A RedirectResponse instance
|
|
|
|
*/
|
|
|
|
public function createRedirectResponse(Request $request, $path, $status = 302)
|
|
|
|
{
|
2012-06-26 10:30:41 +01:00
|
|
|
return new RedirectResponse($this->generateUri($request, $path), $status);
|
2011-06-20 06:08:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Creates a Request.
|
|
|
|
*
|
|
|
|
* @param Request $request The current Request instance
|
|
|
|
* @param string $path A path (an absolute path (/foo), an absolute URL (http://...), or a route name (foo))
|
|
|
|
*
|
|
|
|
* @return Request A Request instance
|
|
|
|
*/
|
|
|
|
public function createRequest(Request $request, $path)
|
|
|
|
{
|
2013-03-14 16:43:08 +00:00
|
|
|
$newRequest = call_user_func(array(get_class($request), 'create'), $this->generateUri($request, $path), 'get', array(), $request->cookies->all(), array(), $request->server->all());
|
2011-07-19 15:21:58 +01:00
|
|
|
if ($session = $request->getSession()) {
|
|
|
|
$newRequest->setSession($session);
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
|
|
|
|
$newRequest->attributes->set(SecurityContextInterface::AUTHENTICATION_ERROR, $request->attributes->get(SecurityContextInterface::AUTHENTICATION_ERROR));
|
|
|
|
}
|
|
|
|
if ($request->attributes->has(SecurityContextInterface::ACCESS_DENIED_ERROR)) {
|
|
|
|
$newRequest->attributes->set(SecurityContextInterface::ACCESS_DENIED_ERROR, $request->attributes->get(SecurityContextInterface::ACCESS_DENIED_ERROR));
|
|
|
|
}
|
|
|
|
if ($request->attributes->has(SecurityContextInterface::LAST_USERNAME)) {
|
|
|
|
$newRequest->attributes->set(SecurityContextInterface::LAST_USERNAME, $request->attributes->get(SecurityContextInterface::LAST_USERNAME));
|
|
|
|
}
|
|
|
|
|
|
|
|
return $newRequest;
|
2011-06-20 06:08:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks that a given path matches the Request.
|
|
|
|
*
|
|
|
|
* @param Request $request A Request instance
|
2012-06-26 10:30:41 +01:00
|
|
|
* @param string $path A path (an absolute path (/foo), an absolute URL (http://...), or a route name (foo))
|
2011-06-20 06:08:46 +01:00
|
|
|
*
|
|
|
|
* @return Boolean true if the path is the same as the one from the Request, false otherwise
|
|
|
|
*/
|
|
|
|
public function checkRequestPath(Request $request, $path)
|
|
|
|
{
|
|
|
|
if ('/' !== $path[0]) {
|
2011-07-05 10:00:08 +01:00
|
|
|
try {
|
2012-12-22 10:07:13 +00:00
|
|
|
// matching a request is more powerful than matching a URL path + context, so try that first
|
|
|
|
if ($this->urlMatcher instanceof RequestMatcherInterface) {
|
|
|
|
$parameters = $this->urlMatcher->matchRequest($request);
|
|
|
|
} else {
|
|
|
|
$parameters = $this->urlMatcher->match($request->getPathInfo());
|
|
|
|
}
|
2011-07-05 10:00:08 +01:00
|
|
|
|
|
|
|
return $path === $parameters['_route'];
|
2011-11-14 12:10:32 +00:00
|
|
|
} catch (MethodNotAllowedException $e) {
|
|
|
|
return false;
|
|
|
|
} catch (ResourceNotFoundException $e) {
|
2011-07-05 10:14:15 +01:00
|
|
|
return false;
|
2011-07-05 10:00:08 +01:00
|
|
|
}
|
2011-06-20 06:08:46 +01:00
|
|
|
}
|
|
|
|
|
2012-12-11 09:40:14 +00:00
|
|
|
return $path === rawurldecode($request->getPathInfo());
|
2011-06-20 06:08:46 +01:00
|
|
|
}
|
|
|
|
|
2012-06-26 10:30:41 +01:00
|
|
|
/**
|
|
|
|
* Generates a URI, based on the given path or absolute URL.
|
|
|
|
*
|
2012-06-26 11:06:05 +01:00
|
|
|
* @param Request $request A Request instance
|
2012-06-26 10:30:41 +01:00
|
|
|
* @param string $path A path (an absolute path (/foo), an absolute URL (http://...), or a route name (foo))
|
2012-06-26 11:06:05 +01:00
|
|
|
*
|
|
|
|
* @return string An absolute URL
|
2012-06-26 10:30:41 +01:00
|
|
|
*/
|
|
|
|
public function generateUri($request, $path)
|
|
|
|
{
|
|
|
|
if (0 === strpos($path, 'http') || !$path) {
|
|
|
|
return $path;
|
|
|
|
}
|
|
|
|
|
2012-06-26 11:06:05 +01:00
|
|
|
if ('/' === $path[0]) {
|
2012-06-26 10:30:41 +01:00
|
|
|
return $request->getUriForPath($path);
|
|
|
|
}
|
|
|
|
|
2013-03-11 05:59:49 +00:00
|
|
|
return $this->generateUrl($path, $request->attributes->all(), true);
|
2012-06-26 10:30:41 +01:00
|
|
|
}
|
|
|
|
|
2013-03-11 05:59:49 +00:00
|
|
|
private function generateUrl($route, array $attributes = array(), $absolute = false)
|
2011-06-20 06:08:46 +01:00
|
|
|
{
|
2012-06-26 10:17:51 +01:00
|
|
|
if (null === $this->urlGenerator) {
|
|
|
|
throw new \LogicException('You must provide a UrlGeneratorInterface instance to be able to use routes.');
|
2011-06-20 06:08:46 +01:00
|
|
|
}
|
|
|
|
|
2013-03-11 05:59:49 +00:00
|
|
|
$url = $this->urlGenerator->generate($route, $attributes, $absolute);
|
|
|
|
|
|
|
|
// unnecessary query string parameters must be removed from url
|
|
|
|
// (ie. query parameters that are presents in $attributes)
|
|
|
|
// fortunately, they all are, so we have to remove entire query string
|
|
|
|
$position = strpos($url, '?');
|
|
|
|
if (false !== $position) {
|
|
|
|
$url = substr($url, 0, $position);
|
|
|
|
}
|
|
|
|
|
|
|
|
return $url;
|
2011-06-20 06:08:46 +01:00
|
|
|
}
|
|
|
|
}
|