vendor/hwi/oauth-bundle/src/Controller/RedirectToServiceController.php line 43

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the HWIOAuthBundle package.
  5.  *
  6.  * (c) Hardware Info <opensource@hardware.info>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace HWI\Bundle\OAuthBundle\Controller;
  14. use HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMapLocator;
  15. use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
  16. use HWI\Bundle\OAuthBundle\Util\DomainWhitelist;
  17. use Symfony\Component\HttpFoundation\Exception\SessionNotFoundException;
  18. use Symfony\Component\HttpFoundation\RedirectResponse;
  19. use Symfony\Component\HttpFoundation\Request;
  20. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  21. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  23. /**
  24.  * @author Alexander <iam.asm89@gmail.com>
  25.  *
  26.  * @internal
  27.  */
  28. final class RedirectToServiceController
  29. {
  30.     public function __construct(
  31.         private readonly OAuthUtils $oauthUtils,
  32.         private readonly DomainWhitelist $domainWhitelist,
  33.         private readonly ResourceOwnerMapLocator $resourceOwnerMapLocator,
  34.         private readonly ?string $targetPathParameter,
  35.         private readonly bool $failedUseReferer,
  36.         private readonly bool $useReferer
  37.     ) {
  38.     }
  40.     /**
  41.      * @throws NotFoundHttpException
  42.      */
  43.     public function redirectToServiceAction(Request $requeststring $service): RedirectResponse
  44.     {
  45.         try {
  46.             $authorizationUrl $this->oauthUtils->getAuthorizationUrl($request$service);
  47.         } catch (\RuntimeException $e) {
  48.             throw new NotFoundHttpException($e->getMessage(), $e);
  49.         }
  51.         $this->storeReturnPath($request$authorizationUrl);
  53.         return new RedirectResponse($authorizationUrl);
  54.     }
  56.     private function storeReturnPath(Request $requeststring $authorizationUrl): void
  57.     {
  58.         try {
  59.             $session $request->getSession();
  60.         } catch (SessionNotFoundException $e) {
  61.             return;
  62.         }
  64.         $param $this->targetPathParameter;
  66.         foreach ($this->resourceOwnerMapLocator->getFirewallNames() as $firewallName) {
  67.             $sessionKey '_security.'.$firewallName.'.target_path';
  68.             $sessionKeyFailure '_security.'.$firewallName.'.failed_target_path';
  70.             if (!empty($param) && $targetUrl $request->get($param)) {
  71.                 if (!$this->domainWhitelist->isValidTargetUrl($targetUrl)) {
  72.                     throw new AccessDeniedHttpException('Not allowed to redirect to '.$targetUrl);
  73.                 }
  75.                 $session->set($sessionKey$targetUrl);
  76.             }
  78.             if ($this->failedUseReferer && !$session->has($sessionKeyFailure) && ($targetUrl $request->headers->get('Referer')) && $targetUrl !== $authorizationUrl) {
  79.                 $session->set($sessionKeyFailure$targetUrl);
  80.             }
  82.             if ($this->useReferer && !$session->has($sessionKey) && ($targetUrl $request->headers->get('Referer')) && $targetUrl !== $authorizationUrl) {
  83.                 $session->set($sessionKey$targetUrl);
  84.             }
  85.         }
  86.     }
  87. }