vendor/hwi/oauth-bundle/Controller/RedirectToServiceController.php line 76

Open in your IDE?
  1. <?php
  2. /*
  3.  * This file is part of the HWIOAuthBundle package.
  4.  *
  5.  * (c) Hardware Info <opensource@hardware.info>
  6.  *
  7.  * For the full copyright and license information, please view the LICENSE
  8.  * file that was distributed with this source code.
  9.  */
  10. namespace HWI\Bundle\OAuthBundle\Controller;
  11. use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
  12. use HWI\Bundle\OAuthBundle\Util\DomainWhitelist;
  13. use RuntimeException;
  14. use Symfony\Component\HttpFoundation\RedirectResponse;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  17. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  18. /**
  19.  * @author Alexander <iam.asm89@gmail.com>
  20.  */
  21. final class RedirectToServiceController
  22. {
  23.     /**
  24.      * @var OAuthUtils
  25.      */
  26.     private $oauthUtils;
  27.     /**
  28.      * @var DomainWhitelist
  29.      */
  30.     private $domainWhitelist;
  31.     /**
  32.      * @var array
  33.      */
  34.     private $firewallNames;
  35.     /**
  36.      * @var string|null
  37.      */
  38.     private $targetPathParameter;
  39.     /**
  40.      * @var bool
  41.      */
  42.     private $failedUseReferer;
  43.     /**
  44.      * @var bool
  45.      */
  46.     private $useReferer;
  47.     public function __construct(
  48.         OAuthUtils $oauthUtils,
  49.         DomainWhitelist $domainWhitelist,
  50.         array $firewallNames,
  51.         ?string $targetPathParameter,
  52.         bool $failedUseReferer,
  53.         bool $useReferer
  54.     ) {
  55.         $this->oauthUtils $oauthUtils;
  56.         $this->domainWhitelist $domainWhitelist;
  57.         $this->firewallNames $firewallNames;
  58.         $this->targetPathParameter $targetPathParameter;
  59.         $this->failedUseReferer $failedUseReferer;
  60.         $this->useReferer $useReferer;
  61.     }
  62.     /**
  63.      * @throws NotFoundHttpException
  64.      */
  65.     public function redirectToServiceAction(Request $requeststring $service): RedirectResponse
  66.     {
  67.         try {
  68.             $authorizationUrl $this->oauthUtils->getAuthorizationUrl($request$service);
  69.         } catch (RuntimeException $e) {
  70.             throw new NotFoundHttpException($e->getMessage(), $e);
  71.         }
  72.         $this->storeReturnPath($request$authorizationUrl);
  73.         return new RedirectResponse($authorizationUrl);
  74.     }
  75.     private function storeReturnPath(Request $requeststring $authorizationUrl): void
  76.     {
  77.         $session $request->getSession();
  78.         if (null === $session) {
  79.             return;
  80.         }
  81.         $param $this->targetPathParameter;
  82.         foreach ($this->firewallNames as $providerKey) {
  83.             $sessionKey '_security.'.$providerKey.'.target_path';
  84.             $sessionKeyFailure '_security.'.$providerKey.'.failed_target_path';
  85.             if (!empty($param) && $targetUrl $request->get($param)) {
  86.                 if (!$this->domainWhitelist->isValidTargetUrl($targetUrl)) {
  87.                     throw new AccessDeniedHttpException('Not allowed to redirect to '.$targetUrl);
  88.                 }
  89.                 $session->set($sessionKey$targetUrl);
  90.             }
  91.             if ($this->failedUseReferer && !$session->has($sessionKeyFailure) && ($targetUrl $request->headers->get('Referer')) && $targetUrl !== $authorizationUrl) {
  92.                 $session->set($sessionKeyFailure$targetUrl);
  93.             }
  94.             if ($this->useReferer && !$session->has($sessionKey) && ($targetUrl $request->headers->get('Referer')) && $targetUrl !== $authorizationUrl) {
  95.                 $session->set($sessionKey$targetUrl);
  96.             }
  97.         }
  98.     }
  99. }