vendor/dvdw/platform-choice/src/Framework/Routing/StorefrontSubscriber.php line 44

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Dvdw\PlatformChoice\Framework\Routing;
  5. use Dvdw\PlatformChoice\Framework\Util\TokenEncoder;
  6. use Shopware\Core\Framework\Util\Random;
  7. use Shopware\Core\PlatformRequest;
  8. use Shopware\Core\SalesChannelRequest;
  9. use Shopware\Core\System\SalesChannel\Context\SalesChannelContextPersister;
  10. use Shopware\Storefront\Framework\Routing\RequestTransformer;
  11. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  12. use Symfony\Component\HttpFoundation\RedirectResponse;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpFoundation\RequestStack;
  15. use Symfony\Component\HttpKernel\Event\RequestEvent;
  16. use Symfony\Component\HttpKernel\KernelEvents;
  18. class StorefrontSubscriber implements EventSubscriberInterface
  19. {
  20.     public CONST TOKEN_NAME 'sw-identifier';
  22.     public CONST NONCE 'nonce';
  24.     public CONST NONCE_LENGTH 16;
  26.     private RequestStack $requestStack;
  28.     private SalesChannelContextPersister $contextPersister;
  30.     public function __construct(
  31.         RequestStack $requestStack,
  32.         SalesChannelContextPersister $contextPersister
  33.     )
  34.     {
  35.         $this->requestStack $requestStack;
  36.         $this->contextPersister $contextPersister;
  37.     }
  39.     public static function getSubscribedEvents(): iterable
  40.     {
  41.         return [KernelEvents::REQUEST => ['setContextToken'100]];
  42.     }
  44.     public function setContextToken(RequestEvent $event): void
  45.     {
  46.         $master $this->requestStack->getMainRequest();
  48.         if ($master === null) {
  49.             return;
  50.         }
  52.         $cookieToken $master->cookies->get(self::TOKEN_NAME);
  53.         $queryToken $master->query->get(self::TOKEN_NAME);
  54.         $queryNonce $master->query->get(self::NONCE);
  56.         if ($master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST) === null
  57.             || !$master->hasSession()
  58.             || ($cookieToken === null && $queryToken === null)
  59.             || ($queryToken !== null && $queryNonce === null)
  60.         )
  61.         {
  62.             return;
  63.         }
  65.         $session $master->getSession();
  67.         if (!$session->isStarted()) {
  68.             $session->setName('session-');
  69.             $session->start();
  70.             $session->set('sessionId'$session->getId());
  71.         }
  73.         if ($queryToken !== null) {
  74.             $this->setCleanedUrl($event$master);
  75.             $token TokenEncoder::decodeToken($queryToken);
  76.             $this->verifyAndSetCookie($token$queryNonce$queryToken$master);
  77.         } else {
  78.             $token TokenEncoder::decodeToken($cookieToken);
  79.         }
  81.         $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  82.         $master->headers->set(
  83.             PlatformRequest::HEADER_CONTEXT_TOKEN,
  84.             $session->get(PlatformRequest::HEADER_CONTEXT_TOKEN)
  85.         );
  86.     }
  88.     private function getDomain(Request $request): string
  89.     {
  90.         $split array_reverse(explode('.'$request->getHost()));
  92.         return sprintf('.%s.%s'$split[1], $split[0]);
  93.     }
  95.     private function setCleanedUrl(RequestEvent $eventRequest $request): void
  96.     {
  97.         $url $request->attributes->get(RequestTransformer::SALES_CHANNEL_ABSOLUTE_BASE_URL)
  98.             . $request->attributes->get(RequestTransformer::ORIGINAL_REQUEST_URI);
  100.         if (empty($url)) {
  101.             return;
  102.         }
  104.         $url $this->removeFromUrl($url);
  105.         $event->setResponse(new RedirectResponse($url));
  106.     }
  108.     private function removeFromUrl(string $url): string
  109.     {
  110.         $parsedUrl parse_url($url);
  111.         $query = [];
  113.         if (isset($parsedUrl['query'])) {
  114.             parse_str($parsedUrl['query'], $query);
  115.             unset($query[self::TOKEN_NAME]);
  116.             unset($query[self::NONCE]);
  117.         }
  119.         $path $parsedUrl['path'] ?? '';
  120.         $query = !empty($query) ? '?'http_build_query($query) : '';
  122.         return $parsedUrl['scheme']. '://'$parsedUrl['host']. $path$query;
  123.     }
  125.     private function verifyAndSetCookie(string $tokenstring $queryNoncestring $queryTokenRequest $request): void
  126.     {
  127.         $context $this->contextPersister->load($token'');
  128.         $nonce $context[self::NONCE] ?? null;
  130.         if ($nonce !== $queryNonce) {
  131.             return;
  132.         }
  134.         $this->contextPersister->save(
  135.             $token,
  136.             [self::NONCE => Random::getAlphanumericString(self::NONCE_LENGTH)],
  137.             ''
  138.         );
  140.         setcookie(
  141.             self::TOKEN_NAME,
  142.             $queryToken,
  143.             (new \DateTime())->modify('+1 year')->getTimestamp(),
  144.             '/',
  145.             $this->getDomain($request)
  146.         );
  147.     }
  148. }