vendor/shopware/storefront/Framework/Routing/StorefrontSubscriber.php line 198

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Storefront\Framework\Routing;
  5. use Shopware\Core\Checkout\Cart\Exception\CustomerNotLoggedInException;
  6. use Shopware\Core\Checkout\Customer\Event\CustomerLoginEvent;
  7. use Shopware\Core\Content\Seo\HreflangLoaderInterface;
  8. use Shopware\Core\Content\Seo\HreflangLoaderParameter;
  9. use Shopware\Core\Framework\Event\BeforeSendResponseEvent;
  10. use Shopware\Core\Framework\Routing\KernelListenerPriorities;
  11. use Shopware\Core\Framework\Util\Random;
  12. use Shopware\Core\PlatformRequest;
  13. use Shopware\Core\SalesChannelRequest;
  14. use Shopware\Core\System\SalesChannel\Context\SalesChannelContextServiceInterface;
  15. use Shopware\Storefront\Controller\ErrorController;
  16. use Shopware\Storefront\Event\StorefrontRenderEvent;
  17. use Shopware\Storefront\Framework\Csrf\CsrfPlaceholderHandler;
  18. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  19. use Symfony\Component\HttpFoundation\RedirectResponse;
  20. use Symfony\Component\HttpFoundation\RequestStack;
  21. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  22. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  23. use Symfony\Component\HttpKernel\Event\RequestEvent;
  24. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  25. use Symfony\Component\HttpKernel\KernelEvents;
  26. use Symfony\Component\Routing\RouterInterface;
  28. class StorefrontSubscriber implements EventSubscriberInterface
  29. {
  30.     /**
  31.      * @var RequestStack
  32.      */
  33.     private $requestStack;
  35.     /**
  36.      * @var RouterInterface
  37.      */
  38.     private $router;
  40.     /**
  41.      * @var ErrorController
  42.      */
  43.     private $errorController;
  45.     /**
  46.      * @var SalesChannelContextServiceInterface
  47.      */
  48.     private $contextService;
  50.     /**
  51.      * @var bool
  52.      */
  53.     private $kernelDebug;
  55.     /**
  56.      * @var CsrfPlaceholderHandler
  57.      */
  58.     private $csrfPlaceholderHandler;
  60.     /**
  61.      * @var MaintenanceModeResolver
  62.      */
  63.     private $maintenanceModeResolver;
  65.     /**
  66.      * @var HreflangLoaderInterface
  67.      */
  68.     private $hreflangLoader;
  70.     public function __construct(
  71.         RequestStack $requestStack,
  72.         RouterInterface $router,
  73.         ErrorController $errorController,
  74.         SalesChannelContextServiceInterface $contextService,
  75.         CsrfPlaceholderHandler $csrfPlaceholderHandler,
  76.         HreflangLoaderInterface $hreflangLoader,
  77.         bool $kernelDebug,
  78.         MaintenanceModeResolver $maintenanceModeResolver
  79.     ) {
  80.         $this->requestStack $requestStack;
  81.         $this->router $router;
  82.         $this->errorController $errorController;
  83.         $this->contextService $contextService;
  84.         $this->kernelDebug $kernelDebug;
  85.         $this->csrfPlaceholderHandler $csrfPlaceholderHandler;
  86.         $this->maintenanceModeResolver $maintenanceModeResolver;
  87.         $this->hreflangLoader $hreflangLoader;
  88.     }
  90.     public static function getSubscribedEvents(): array
  91.     {
  92.         return [
  93.             KernelEvents::REQUEST => [
  94.                 ['startSession'40],
  95.                 ['maintenanceResolver'],
  96.             ],
  97.             KernelEvents::EXCEPTION => [
  98.                 ['showHtmlExceptionResponse', -100],
  99.                 ['customerNotLoggedInHandler'],
  100.                 ['maintenanceResolver'],
  101.             ],
  102.             KernelEvents::CONTROLLER => [
  103.                 ['preventPageLoadingFromXmlHttpRequest'KernelListenerPriorities::KERNEL_CONTROLLER_EVENT_SCOPE_VALIDATE],
  104.             ],
  105.             CustomerLoginEvent::class => [
  106.                 'updateSession',
  107.             ],
  108.             BeforeSendResponseEvent::class => [
  109.                 ['replaceCsrfToken'],
  110.                 ['setCanonicalUrl'],
  111.             ],
  112.             StorefrontRenderEvent::class => [
  113.                 ['addHreflang'],
  114.             ],
  115.         ];
  116.     }
  118.     public function startSession(): void
  119.     {
  120.         $master $this->requestStack->getMasterRequest();
  122.         if (!$master) {
  123.             return;
  124.         }
  125.         if (!$master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  126.             return;
  127.         }
  129.         if (!$master->hasSession()) {
  130.             return;
  131.         }
  133.         $session $master->getSession();
  134.         $applicationId $master->attributes->get(PlatformRequest::ATTRIBUTE_OAUTH_CLIENT_ID);
  136.         if (!$session->isStarted()) {
  137.             $session->setName('session-' $applicationId);
  138.             $session->start();
  139.             $session->set('sessionId'$session->getId());
  140.         }
  142.         if (!$session->has(PlatformRequest::HEADER_CONTEXT_TOKEN)) {
  143.             $token Random::getAlphanumericString(32);
  144.             $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  145.         }
  147.         $master->headers->set(
  148.             PlatformRequest::HEADER_CONTEXT_TOKEN,
  149.             $session->get(PlatformRequest::HEADER_CONTEXT_TOKEN)
  150.         );
  151.     }
  153.     public function updateSession(CustomerLoginEvent $event): void
  154.     {
  155.         $master $this->requestStack->getMasterRequest();
  156.         if (!$master) {
  157.             return;
  158.         }
  159.         if (!$master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  160.             return;
  161.         }
  163.         if (!$master->hasSession()) {
  164.             return;
  165.         }
  167.         $session $master->getSession();
  168.         $session->migrate();
  169.         $session->set('sessionId'$session->getId());
  171.         $token $event->getContextToken();
  172.         $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  173.         $master->headers->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  174.     }
  176.     public function showHtmlExceptionResponse(ExceptionEvent $event): void
  177.     {
  178.         if ($this->kernelDebug) {
  179.             return;
  180.         }
  182.         if (!$event->getRequest()->attributes->has(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)) {
  183.             //When no saleschannel context is resolved, we need to resolve it now.
  184.             $this->setSalesChannelContext($event);
  185.         }
  187.         if ($event->getRequest()->attributes->has(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)) {
  188.             $event->stopPropagation();
  189.             $response $this->errorController->error(
  190.                 $event->getThrowable(),
  191.                 $this->requestStack->getMasterRequest(),
  192.                 $event->getRequest()->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)
  193.             );
  194.             $event->setResponse($response);
  195.         }
  196.     }
  198.     public function customerNotLoggedInHandler(ExceptionEvent $event): void
  199.     {
  200.         if (!$event->getRequest()->attributes->has(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  201.             return;
  202.         }
  204.         if (!$event->getThrowable() instanceof CustomerNotLoggedInException) {
  205.             return;
  206.         }
  208.         $request $event->getRequest();
  210.         $parameters = [
  211.             'redirectTo' => $request->attributes->get('_route'),
  212.             'redirectParameters' => json_encode($request->attributes->get('_route_params')),
  213.         ];
  215.         $redirectResponse = new RedirectResponse($this->router->generate('frontend.account.login.page'$parameters));
  217.         $event->setResponse($redirectResponse);
  218.     }
  220.     public function maintenanceResolver(RequestEvent $event): void
  221.     {
  222.         if ($this->maintenanceModeResolver->shouldRedirect($event->getRequest())) {
  223.             $event->setResponse(
  224.                 new RedirectResponse($this->router->generate('frontend.maintenance.page'))
  225.             );
  226.         }
  227.     }
  229.     public function preventPageLoadingFromXmlHttpRequest(ControllerEvent $event): void
  230.     {
  231.         if (!$event->getRequest()->isXmlHttpRequest()) {
  232.             return;
  233.         }
  235.         if (!$event->getRequest()->attributes->has(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  236.             return;
  237.         }
  239.         $controller $event->getController();
  241.         // happens if Controller is a closure
  242.         if (!is_array($controller)) {
  243.             return;
  244.         }
  246.         $isAllowed $event->getRequest()->attributes->getBoolean('XmlHttpRequest'false);
  248.         if ($isAllowed) {
  249.             return;
  250.         }
  252.         throw new AccessDeniedHttpException('PageController can\'t be requested via XmlHttpRequest.');
  253.     }
  255.     public function setCanonicalUrl(BeforeSendResponseEvent $event): void
  256.     {
  257.         if (!$event->getResponse()->isSuccessful()) {
  258.             return;
  259.         }
  261.         if ($canonical $event->getRequest()->attributes->get(SalesChannelRequest::ATTRIBUTE_CANONICAL_LINK)) {
  262.             $canonical sprintf('<%s>; rel="canonical"'$canonical);
  263.             $event->getResponse()->headers->set('Link'$canonical);
  264.         }
  265.     }
  267.     public function replaceCsrfToken(BeforeSendResponseEvent $event): void
  268.     {
  269.         $event->setResponse(
  270.             $this->csrfPlaceholderHandler->replaceCsrfToken($event->getResponse())
  271.         );
  272.     }
  274.     public function addHreflang(StorefrontRenderEvent $event): void
  275.     {
  276.         $request $event->getRequest();
  277.         $route $request->attributes->get('_route');
  279.         if ($route === null) {
  280.             return;
  281.         }
  283.         $routeParams $request->attributes->get('_route_params', []);
  284.         $salesChannelContext $request->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT);
  285.         $parameter = new HreflangLoaderParameter($route$routeParams$salesChannelContext);
  286.         $event->setParameter('hrefLang'$this->hreflangLoader->load($parameter));
  287.     }
  289.     private function setSalesChannelContext(ExceptionEvent $event): void
  290.     {
  291.         $contextToken $event->getRequest()->headers->get(PlatformRequest::HEADER_CONTEXT_TOKEN);
  292.         $salesChannelId $event->getRequest()->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID);
  294.         $context $this->contextService->get(
  295.             $salesChannelId,
  296.             $contextToken,
  297.             $event->getRequest()->headers->get(PlatformRequest::HEADER_LANGUAGE_ID)
  298.         );
  299.         $event->getRequest()->attributes->set(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT$context);
  300.     }
  301. }