custom/plugins/MoorlSignIn/src/Core/Subscriber/KernelEventSubscriber.php line 124

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Moorl\SignIn\Core\Subscriber;
  5. use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
  6. use Moorl\SignIn\Core\Service\SignInService;
  7. use Moorl\SignIn\MoorlSignIn;
  8. use Shopware\Core\Checkout\Customer\Event\CustomerLoginEvent;
  9. use Shopware\Core\Checkout\Customer\Event\CustomerLogoutEvent;
  10. use Shopware\Core\Framework\Adapter\Cache\CacheStateSubscriber;
  11. use Shopware\Core\Framework\Context;
  12. use Shopware\Core\Framework\Log\LoggerFactory;
  13. use Shopware\Core\Framework\Uuid\Uuid;
  14. use Shopware\Core\SalesChannelRequest;
  15. use Shopware\Core\System\SystemConfig\SystemConfigService;
  16. use Shopware\Storefront\Framework\Cache\CacheResponseSubscriber;
  17. use Shopware\Storefront\Framework\Cache\Event\HttpCacheGenerateKeyEvent;
  18. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  19. use Symfony\Component\HttpFoundation\RedirectResponse;
  20. use Symfony\Component\HttpFoundation\RequestStack;
  21. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  22. use Symfony\Component\HttpKernel\Event\RequestEvent;
  23. use Symfony\Component\HttpKernel\KernelEvents;
  24. use Symfony\Component\Routing\RouterInterface;
  25. use Psr\Log\LoggerInterface;
  26. use Monolog\Logger;
  28. class KernelEventSubscriber implements EventSubscriberInterface
  29. {
  30.     private SystemConfigService $systemConfigService;
  31.     private RequestStack $requestStack;
  32.     private RouterInterface $router;
  33.     private SignInService $signInService;
  34.     private LoggerInterface $logger;
  36.     public function __construct(
  37.         RequestStack $requestStack,
  38.         RouterInterface $router,
  39.         SystemConfigService $systemConfigService,
  40.         SignInService $signInService,
  41.         LoggerFactory $loggerFactory
  42.     ) {
  43.         $this->requestStack $requestStack;
  44.         $this->router $router;
  45.         $this->systemConfigService $systemConfigService;
  46.         $this->signInService $signInService;
  48.         $this->logger $loggerFactory->createRotating(
  49.             'moorl_sign_in',
  50.             7,
  51.             (int) $systemConfigService->get('MoorlSignIn.config.logLevel') ?: Logger::DEBUG
  52.         );
  53.     }
  55.     public static function getSubscribedEvents(): array
  56.     {
  57.         return [
  58.             KernelEvents::REQUEST => 'checkToken',
  59.             KernelEvents::EXCEPTION => 'tokenNotSetHandler',
  60.             HttpCacheGenerateKeyEvent::class => 'onHttpCacheGenerateKeyEvent',
  61.             CustomerLoginEvent::class => 'onCustomerLogin',
  62.             CustomerLogoutEvent::class => 'onCustomerLogout'
  63.         ];
  64.     }
  66.     public function onHttpCacheGenerateKeyEvent(HttpCacheGenerateKeyEvent $event): void
  67.     {
  68.         $request $event->getRequest();
  69.         $systemState $request->cookies->get(CacheResponseSubscriber::SYSTEM_STATE_COOKIE);
  70.         if (!$systemState) {
  71.             return;
  72.         }
  74.         $isLoggedIn mb_strpos($systemStateCacheStateSubscriber::STATE_LOGGED_IN) !== false;
  75.         if (!$isLoggedIn) {
  76.             return;
  77.         }
  79.         $hash $event->getHash();
  80.         $hash hash('sha256'$hash '-' serialize(CacheStateSubscriber::STATE_LOGGED_IN));
  81.         $event->setHash($hash);
  82.     }
  84.     public function onCustomerLogin(CustomerLoginEvent $event): void
  85.     {
  86.         $master $this->requestStack->getMasterRequest();
  87.         $session $master->getSession();
  88.         $session->set(MoorlSignIn::SKIP_CHECK_TOKENtrue);
  89.     }
  91.     public function onCustomerLogout(CustomerLogoutEvent $event): void
  92.     {
  93.         $master $this->requestStack->getMasterRequest();
  94.         $session $master->getSession();
  95.         $session->remove(MoorlSignIn::SKIP_CHECK_TOKEN);
  96.     }
  98.     public function tokenNotSetHandler(ExceptionEvent $event): void
  99.     {
  100.         if (!$event->getThrowable() instanceof IdentityProviderException) {
  101.             return;
  102.         }
  104.         $redirectUrl $this->systemConfigService->get('MoorlSignIn.config.redirectUrl');
  105.         if (!$redirectUrl) {
  106.             return;
  107.         }
  109.         $redirectResponse = new RedirectResponse($redirectUrl);
  110.         $event->setResponse($redirectResponse);
  111.     }
  113.     public function checkToken(RequestEvent $event): void
  114.     {
  115.         // Is is not sales channel request then do nothing
  116.         if (!$event->getRequest()->attributes->has(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  117.             return;
  118.         }
  119.         $salesChannelId $event->getRequest()->attributes->get('sw-sales-channel-id');
  120.         if (!$salesChannelId) {
  121.             return;
  122.         }
  124.         $master $this->requestStack->getMasterRequest();
  126.         $routeBlacklist $this->systemConfigService->get('MoorlSignIn.config.routeBlacklist'$salesChannelId);
  127.         if ($routeBlacklist) {
  128.             if (!in_array($master->attributes->get('_route'), $routeBlacklist)) {
  129.                 return;
  130.             }
  131.         }
  133.         // If no redirect set, do nothing
  134.         $redirectTo $this->systemConfigService->get('MoorlSignIn.config.redirectTo'$salesChannelId);
  135.         if (!$redirectTo) {
  136.             return;
  137.         }
  139.         if ($redirectTo === 'redirectUrl') {
  140.             // Fixed redirect
  141.             $redirectResponse = new RedirectResponse(
  142.                 $this->systemConfigService->get('MoorlSignIn.config.redirectUrl'$salesChannelId)
  143.             );
  144.         } else {
  145.             // Router redirect
  146.             $redirectResponse = new RedirectResponse(
  147.                 $this->router->generate($redirectTo$master->query->all())
  148.             );
  149.         }
  151.         $redirectActive $this->systemConfigService->get('MoorlSignIn.config.redirectActive'$salesChannelId);
  153.         // No Session set, Redirect is Active
  154.         if ((!$master || !$master->hasSession()) && $redirectActive) {
  155.             $this->logger->info('No Session set, Redirect is Active');
  156.             $event->setResponse($redirectResponse);
  157.             return;
  158.         }
  160.         $session $master->getSession();
  162.         $lastPage $master->server->get('REQUEST_SCHEME') .  '://' $master->server->get('HTTP_HOST') . $master->server->get('REDIRECT_URL');
  164.         // Fetch query data
  165.         $queryData $master->query->all();
  167.         // Get name of query param for the token
  168.         $queryParam $this->systemConfigService->get('MoorlSignIn.config.tokenQueryParam'$salesChannelId);
  170.         // Token is not set by default
  171.         $token null;
  173.         if ($queryParam) {
  174.             $token $master->query->get($queryParam);
  175.             // Remove token query param and rebuild other query data
  176.             unset($queryData[$queryParam]);
  177.         }
  179.         if ($queryData) {
  180.             // Last page with GET params but no token
  181.             $lastPageAll $lastPage '?' http_build_query($queryData);
  182.         } else {
  183.             // Last page
  184.             $lastPageAll $lastPage;
  185.         }
  187.         // Remember last page
  188.         $session->set(MoorlSignIn::LAST_KNOWN_PAGE$lastPageAll);
  190.         $isLoggedIn $session->get(MoorlSignIn::SKIP_CHECK_TOKEN);
  192.         // User not Logged In, No Token Set, Redirect is Active
  193.         if (!$isLoggedIn && !$token && $redirectActive) {
  194.             $this->logger->info('User not Logged In, No Token Set, Redirect is Active');
  195.             $event->setResponse($redirectResponse);
  196.             return;
  197.         }
  199.         // Token Set
  200.         if ($token) {
  201.             $this->logger->info('Token Set'$master->query->all());
  203.             if ($master->query->get('PayerID') || $master->query->get('_sw_payment_token')) {
  204.                 $this->logger->info('Payment token detected');
  205.                 return; // Skip PayPal token
  206.             }
  208.             $state Uuid::randomHex();
  209.             $providerName $this->systemConfigService->get('MoorlSignIn.config.tokenProvider'$salesChannelId);
  211.             $data = [
  212.                 'provider' => $providerName,
  213.                 'lastPage' => $lastPage,
  214.                 'lastPageAll' => $lastPageAll,
  215.                 'token' => $token,
  216.                 'state' => $state
  217.             ];
  219.             $this->logger->info('Create new login session'$data);
  221.             $this->signInService->createSession($dataContext::createDefaultContext());
  223.             $redirectResponse = new RedirectResponse($this->router->generate('moorl.oauth2.login', ['state' => $state]));
  224.             $event->setResponse($redirectResponse);
  226.             sleep(1);
  228.             return;
  229.         }
  231.         $this->logger->info('No Token Set'$master->query->all());
  233.         // User not Logged In, Redirect is Active
  234.         if (!$isLoggedIn && $redirectActive) {
  235.             $this->logger->info('User not Logged In, Redirect is Active');
  237.             $event->setResponse($redirectResponse);
  238.         }
  239.     }
  240. }