Commit 408d76cd authored by Tino Goratsch's avatar Tino Goratsch

updated the friendsofsymfony/http-cache package to version 2.0.1

# Conflicts:
#	ACP3/Modules/ACP3/Users/Controller/Widget/Index/Hash.php
#	ACP3/Modules/ACP3/Users/Resources/config/components/controllers.yml
#	composer.lock
parent 94cfbd9f
......@@ -6,14 +6,16 @@
namespace ACP3\Core\Application;
use ACP3\Core\Application\BootstrapCache\Event\Listener\UserContextSubscriber;
use ACP3\Core\Application\BootstrapCache\Event\Listener\UserContextListener;
use ACP3\Core\Session\SessionHandlerInterface;
use ACP3\Core\View\Renderer\Smarty\Filters\MoveToBottom;
use FOS\HttpCache\SymfonyCache\CacheInvalidation;
use FOS\HttpCache\SymfonyCache\EventDispatchingHttpCache;
use FOS\HttpCache\SymfonyCache\PurgeSubscriber;
use FOS\HttpCache\SymfonyCache\RefreshSubscriber;
use FOS\HttpCache\SymfonyCache\PurgeListener;
use FOS\HttpCache\SymfonyCache\RefreshListener;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\HttpCache\HttpCache;
use Symfony\Component\HttpKernel\HttpCache\StoreInterface;
use Symfony\Component\HttpKernel\HttpCache\SurrogateInterface;
use Symfony\Component\HttpKernel\HttpKernelInterface;
......@@ -22,8 +24,10 @@ use Symfony\Component\HttpKernel\HttpKernelInterface;
* Class BootstrapCache
* @package ACP3\Core\Application
*/
class BootstrapCache extends EventDispatchingHttpCache
class BootstrapCache extends HttpCache implements CacheInvalidation
{
use EventDispatchingHttpCache;
const JAVASCRIPTS_REGEX_PATTERN = MoveToBottom::ELEMENT_CATCHER_REGEX_PATTERN;
const PLACEHOLDER = '</body>';
......@@ -38,12 +42,22 @@ class BootstrapCache extends EventDispatchingHttpCache
{
parent::__construct($kernel, $store, $surrogate, $options);
$this->addSubscriber(new UserContextSubscriber([
$this->addSubscriber(new UserContextListener([
'user_hash_uri' => '/widget/users/index/hash/',
'session_name_prefix' => SessionHandlerInterface::SESSION_NAME
]));
$this->addSubscriber(new PurgeSubscriber());
$this->addSubscriber(new RefreshSubscriber());
$this->addSubscriber(new PurgeListener());
$this->addSubscriber(new RefreshListener());
}
/**
* Made public to allow event listeners to do refresh operations.
*
* {@inheritDoc}
*/
public function fetch(Request $request, $catch = false)
{
return parent::fetch($request, $catch);
}
/**
......@@ -80,7 +94,7 @@ class BootstrapCache extends EventDispatchingHttpCache
* @param string $tplOutput
* @return string
*/
private function getCleanedUpTemplateOutput($tplOutput)
private function getCleanedUpTemplateOutput(string $tplOutput): string
{
return preg_replace(static::JAVASCRIPTS_REGEX_PATTERN, '', $tplOutput);
}
......@@ -89,7 +103,7 @@ class BootstrapCache extends EventDispatchingHttpCache
* @param string $tplOutput
* @return string
*/
private function addElementsFromTemplates($tplOutput)
private function addElementsFromTemplates(string $tplOutput): string
{
$matches = [];
preg_match_all(static::JAVASCRIPTS_REGEX_PATTERN, $tplOutput, $matches);
......
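Review bot: The `PurgeListener` and `RefreshListener` registered in the constructor are created with no options, so the decision about who may purge or force-refresh cache entries is left entirely to the library defaults. As far as I know the FOSHttpCache listeners then allow only 127.0.0.1, which stops protecting anything if a reverse proxy or load balancer on the same host makes every request look local. I would pass the allowed clients explicitly from configuration, e.g. `new PurgeListener(['client_ips' => ['127.0.0.1']])` and the same for `RefreshListener`, and add a comment that these two listeners accept cache-invalidation requests. The constructor starts above the hunk, so its full signature and options are not visible here.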
......@@ -16,11 +16,11 @@ use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
/**
* Class UserContextSubscriber
* @package ACP3\Core\Application\BootstrapCache\Event\Listener
* Caching proxy side of the user context handling for the symfony built-in HttpCache.
*
* @see \FOS\HttpCache\SymfonyCache\UserContextSubscriber for the original file as we had to override some logic...
*/
class UserContextSubscriber implements EventSubscriberInterface
class UserContextListener implements EventSubscriberInterface
{
/**
* The options configured in the constructor argument or default values.
......@@ -37,9 +37,9 @@ class UserContextSubscriber implements EventSubscriberInterface
private $userHash;
/**
* When creating this subscriber, you can configure a number of options.
* When creating this listener, you can configure a number of options.
*
* - anonymous_hash: Hash used for anonymous user.
* - anonymous_hash: Hash used for anonymous user. Hash lookup skipped for anonymous if this is set.
* - user_hash_accept_header: Accept header value to be used to request the user hash to the
* backend application. Must match the setup of the backend application.
* - user_hash_header: Name of the header the user context hash will be stored into. Must
......@@ -56,7 +56,7 @@ class UserContextSubscriber implements EventSubscriberInterface
{
$resolver = new OptionsResolver();
$resolver->setDefaults([
'anonymous_hash' => '38015b703d82206ebc01d17a39c727e5',
'anonymous_hash' => null,
'user_hash_accept_header' => 'application/vnd.fos.user-context-hash',
'user_hash_header' => 'X-User-Context-Hash',
'user_hash_uri' => '/_fos_user_context_hash',
......@@ -82,7 +82,7 @@ class UserContextSubscriber implements EventSubscriberInterface
*
* Adds the user hash header to the request.
*
* Checks if an external request tries tampering with the user context hash mechanism
* Checks if an external request tries tampering with the use context hash mechanism
* to prevent attacks.
*
* @param CacheEvent $event
......@@ -100,11 +100,8 @@ class UserContextSubscriber implements EventSubscriberInterface
return;
}
if ($request->isMethodSafe()) {
$request->headers->set(
$this->options['user_hash_header'],
$this->getUserHash($event->getKernel(), $request)
);
if ($request->isMethodSafe() && $hash = $this->getUserHash($event->getKernel(), $request)) {
$request->headers->set($this->options['user_hash_header'], $hash);
}
}
......@@ -114,8 +111,7 @@ class UserContextSubscriber implements EventSubscriberInterface
/**
* Remove unneeded things from the request for user hash generation.
*
* Cleans cookies header to only keep the session identifier cookie, so the hash lookup request
* can be cached per session.
* Cleans cookies header to only keep the session identifier cookie and the ACP3 remember me cookie
*
* @param Request $hashLookupRequest
* @param Request $originalRequest
......@@ -156,7 +152,8 @@ class UserContextSubscriber implements EventSubscriberInterface
* Returns the user context hash for $request.
*
* @param HttpKernelInterface $kernel
* @param Request $request
* @param Request $request
*
* @return string
*/
private function getUserHash(HttpKernelInterface $kernel, Request $request)
......@@ -165,7 +162,7 @@ class UserContextSubscriber implements EventSubscriberInterface
return $this->userHash;
}
if ($this->isAnonymous($request)) {
if ($this->options['anonymous_hash'] && $this->isAnonymous($request)) {
return $this->userHash = $this->options['anonymous_hash'];
}
......@@ -227,18 +224,11 @@ class UserContextSubscriber implements EventSubscriberInterface
*
* @param Request $request
*
* @return Request The request that will return the user context hash value.
* @return Request The request that will return the user context hash value
*/
private function generateHashLookupRequest(Request $request)
{
$hashLookupRequest = Request::create(
$this->options['user_hash_uri'],
$this->options['user_hash_method'],
[],
[],
[],
$request->server->all()
);
$hashLookupRequest = Request::create($this->options['user_hash_uri'], $this->options['user_hash_method'], [], [], [], $request->server->all());
$hashLookupRequest->attributes->set('internalRequest', true);
$hashLookupRequest->headers->set('Accept', $this->options['user_hash_accept_header']);
$this->cleanupHashLookupRequest($hashLookupRequest, $request);
......
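Review bot: With `if ($request->isMethodSafe() && $hash = $this->getUserHash($event->getKernel(), $request))`, a lookup that yields no hash lets the request continue without the `user_hash_header` at all, so the proxy fails open instead of signalling the problem. If `getUserHash()` can return null or an empty string for a request that carries a session cookie (most of its body is outside the hunks, so this is inferred), a response that varies on the hash could be stored and served under the header-less variant. Consider handling the empty case explicitly, for example by bypassing the cache for that request, and document it with `@return string|null` on `getUserHash()` plus a comment on the condition saying when a missing hash is expected. The reworded docblock now reads "the use context hash mechanism"; it should stay "user context".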
......@@ -6,15 +6,30 @@
namespace ACP3\Modules\ACP3\Users\Controller\Widget\Index;
use ACP3\Core\ACL\ACLInterface;
use ACP3\Core\Controller\AbstractWidgetAction;
use ACP3\Modules\ACP3\System\Installer\Schema;
use ACP3\Core\Controller\Context\WidgetContext;
use FOS\HttpCache\UserContext\DefaultHashGenerator;
/**
* Class Hash
* @package ACP3\Modules\ACP3\Users\Controller\Widget\Index
*/
class Hash extends AbstractWidgetAction
{
/**
* @var DefaultHashGenerator
*/
private $hashGenerator;
/**
* Hash constructor.
* @param WidgetContext $context
* @param DefaultHashGenerator $hashGenerator
*/
public function __construct(WidgetContext $context, DefaultHashGenerator $hashGenerator)
{
parent::__construct($context);
$this->hashGenerator = $hashGenerator;
}
/**
* @return \Symfony\Component\HttpFoundation\Response
*/
......@@ -25,28 +40,9 @@ class Hash extends AbstractWidgetAction
$this->response->setMaxAge(60);
$this->response->headers->add([
'Content-type' => 'application/vnd.fos.user-context-hash',
'X-User-Context-Hash' => $this->generateUserContextHash()
'X-User-Context-Hash' => $this->hashGenerator->generateHash()
]);
return $this->response;
}
/**
* @return string
*/
private function generateUserContextHash()
{
$settings = $this->config->getSettings(Schema::MODULE_NAME);
$hash = $settings['security_secret'];
if ($this->user->isAuthenticated()) {
$hash .= implode('-', $this->acl->getUserRoleIds($this->user->getUserId()));
if (intval($settings['cache_vary_user']) === 1) {
$hash .= '-' . $this->user->getUserId();
}
}
return hash('sha512', $hash);
}
}
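Review bot: The hash response gets a 60 second lifetime via `setMaxAge(60)`, but the visible lines set no `Vary` header tying it to the session that requested it. If the response is cacheable by the proxy (that depends on lines above the hunk), the hash computed for one visitor could be returned for another visitor's lookup within those 60 seconds, giving both the same `X-User-Context-Hash` and therefore the same cached pages. I would add `$this->response->setVary('Cookie');` next to the max-age call, plus `Authorization` if that header is used for login, with a short comment explaining why. The action method starts above the hunk, so please confirm against the full body.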
<?php
/**
* Copyright (c) by the ACP3 Developers.
* See the LICENCE file at the top-level module directory for licencing details.
*/
namespace ACP3\Modules\ACP3\Users\Core\Application\BootstrapCache;
use ACP3\Core\ACL\ACLInterface;
use ACP3\Core\Settings\SettingsInterface;
use ACP3\Modules\ACP3\System\Installer\Schema;
use ACP3\Modules\ACP3\Users\Model\UserModel;
use FOS\HttpCache\UserContext\ContextProvider;
use FOS\HttpCache\UserContext\UserContext;
class IsAuthenticatedProvider implements ContextProvider
{
/**
* @var SettingsInterface
*/
private $settings;
/**
* @var UserModel
*/
private $userModel;
/**
* @var ACLInterface
*/
private $acl;
/**
* IsAuthenticatedProvider constructor.
* @param SettingsInterface $settings
* @param ACLInterface $acl
* @param UserModel $userModel
*/
public function __construct(SettingsInterface $settings, ACLInterface $acl, UserModel $userModel)
{
$this->settings = $settings;
$this->userModel = $userModel;
$this->acl = $acl;
}
/**
* @inheritdoc
*/
public function updateUserContext(UserContext $context)
{
$settings = $this->settings->getSettings(Schema::MODULE_NAME);
$context->addParameter('security_secret', $settings['security_secret']);
$context->addParameter('authenticated', $this->userModel->isAuthenticated());
$context->addParameter('roles', $this->acl->getUserRoleIds($this->userModel->getUserId()));
if (intval($settings['cache_vary_user']) === 1) {
$context->addParameter('user_id', $this->userModel->getUserId());
}
}
}
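Review bot: `updateUserContext()` reads `$settings['security_secret']` without checking that it is present and non-empty, and that value is the only unguessable input to the context hash. If the setting were missing, the hash would be derived from the authenticated flag, the role ids and optionally the user id alone, with nothing more than a notice in the log. I would fail loudly, e.g. `if (empty($settings['security_secret'])) { throw new \RuntimeException('security_secret is not configured'); }`, and replace the bare `@inheritdoc` with a docblock listing the parameters that feed the hash, since the class name suggests it only contributes the authenticated flag. Roles and `user_id` are now added for guests as well, which the removed `generateUserContextHash()` did only for authenticated users; a comment stating that this is intended would help.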
......@@ -118,7 +118,9 @@ services:
users.controller.widget.index.hash:
class: ACP3\Modules\ACP3\Users\Controller\Widget\Index\Hash
parent: core.controller.widget
arguments:
- '@core.context.widget'
- '@http_cache.hash_generator'
users.controller.widget.index.login:
class: ACP3\Modules\ACP3\Users\Controller\Widget\Index\Login
......
......@@ -13,6 +13,20 @@ services:
- { name: core.authentication }
public: false
users.core.application.bootstrap_cache.is_authenticated_provider:
class: ACP3\Modules\ACP3\Users\Core\Application\BootstrapCache\IsAuthenticatedProvider
arguments:
- '@core.config'
- '@core.acl'
- '@users.model.user_model'
public: false
http_cache.hash_generator:
class: FOS\HttpCache\UserContext\DefaultHashGenerator
arguments:
- ['@users.core.application.bootstrap_cache.is_authenticated_provider']
public: false
users.helpers.forms:
class: ACP3\Modules\ACP3\Users\Helpers\Forms
arguments:
......