vendor/shopware/storefront/Framework/Routing/StorefrontSubscriber.php line 245

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Storefront\Framework\Routing;
  5. use Shopware\Core\Checkout\Cart\Exception\CustomerNotLoggedInException;
  6. use Shopware\Core\Checkout\Customer\Event\CustomerLoginEvent;
  7. use Shopware\Core\Checkout\Customer\Event\CustomerLogoutEvent;
  8. use Shopware\Core\Content\Seo\HreflangLoaderInterface;
  9. use Shopware\Core\Content\Seo\HreflangLoaderParameter;
  10. use Shopware\Core\Framework\App\ActiveAppsLoader;
  11. use Shopware\Core\Framework\App\Exception\AppUrlChangeDetectedException;
  12. use Shopware\Core\Framework\App\ShopId\ShopIdProvider;
  13. use Shopware\Core\Framework\Event\BeforeSendResponseEvent;
  14. use Shopware\Core\Framework\Routing\Annotation\RouteScope;
  15. use Shopware\Core\Framework\Routing\KernelListenerPriorities;
  16. use Shopware\Core\Framework\Util\Random;
  17. use Shopware\Core\PlatformRequest;
  18. use Shopware\Core\SalesChannelRequest;
  19. use Shopware\Core\System\SalesChannel\Context\SalesChannelContextServiceInterface;
  20. use Shopware\Core\System\SalesChannel\SalesChannelContext;
  21. use Shopware\Storefront\Controller\ErrorController;
  22. use Shopware\Storefront\Event\StorefrontRenderEvent;
  23. use Shopware\Storefront\Framework\Csrf\CsrfPlaceholderHandler;
  24. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  25. use Symfony\Component\HttpFoundation\RedirectResponse;
  26. use Symfony\Component\HttpFoundation\RequestStack;
  27. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  28. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  29. use Symfony\Component\HttpKernel\Event\RequestEvent;
  30. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  31. use Symfony\Component\HttpKernel\KernelEvents;
  32. use Symfony\Component\Routing\RouterInterface;
  34. class StorefrontSubscriber implements EventSubscriberInterface
  35. {
  36.     /**
  37.      * @var RequestStack
  38.      */
  39.     private $requestStack;
  41.     /**
  42.      * @var RouterInterface
  43.      */
  44.     private $router;
  46.     /**
  47.      * @var ErrorController
  48.      */
  49.     private $errorController;
  51.     /**
  52.      * @var SalesChannelContextServiceInterface
  53.      */
  54.     private $contextService;
  56.     /**
  57.      * @var bool
  58.      */
  59.     private $kernelDebug;
  61.     /**
  62.      * @var CsrfPlaceholderHandler
  63.      */
  64.     private $csrfPlaceholderHandler;
  66.     /**
  67.      * @var MaintenanceModeResolver
  68.      */
  69.     private $maintenanceModeResolver;
  71.     /**
  72.      * @var HreflangLoaderInterface
  73.      */
  74.     private $hreflangLoader;
  76.     /**
  77.      * @var ShopIdProvider
  78.      */
  79.     private $shopIdProvider;
  81.     /**
  82.      * @var ActiveAppsLoader
  83.      */
  84.     private $activeAppsLoader;
  86.     public function __construct(
  87.         RequestStack $requestStack,
  88.         RouterInterface $router,
  89.         ErrorController $errorController,
  90.         SalesChannelContextServiceInterface $contextService,
  91.         CsrfPlaceholderHandler $csrfPlaceholderHandler,
  92.         HreflangLoaderInterface $hreflangLoader,
  93.         bool $kernelDebug,
  94.         MaintenanceModeResolver $maintenanceModeResolver,
  95.         ShopIdProvider $shopIdProvider,
  96.         ActiveAppsLoader $activeAppsLoader
  97.     ) {
  98.         $this->requestStack $requestStack;
  99.         $this->router $router;
  100.         $this->errorController $errorController;
  101.         $this->contextService $contextService;
  102.         $this->kernelDebug $kernelDebug;
  103.         $this->csrfPlaceholderHandler $csrfPlaceholderHandler;
  104.         $this->maintenanceModeResolver $maintenanceModeResolver;
  105.         $this->hreflangLoader $hreflangLoader;
  106.         $this->shopIdProvider $shopIdProvider;
  107.         $this->activeAppsLoader $activeAppsLoader;
  108.     }
  110.     public static function getSubscribedEvents(): array
  111.     {
  112.         return [
  113.             KernelEvents::REQUEST => [
  114.                 ['startSession'40],
  115.                 ['maintenanceResolver'],
  116.             ],
  117.             KernelEvents::EXCEPTION => [
  118.                 ['showHtmlExceptionResponse', -100],
  119.                 ['customerNotLoggedInHandler'],
  120.                 ['maintenanceResolver'],
  121.             ],
  122.             KernelEvents::CONTROLLER => [
  123.                 ['preventPageLoadingFromXmlHttpRequest'KernelListenerPriorities::KERNEL_CONTROLLER_EVENT_SCOPE_VALIDATE],
  124.             ],
  125.             CustomerLoginEvent::class => [
  126.                 'updateSessionAfterLogin',
  127.             ],
  128.             CustomerLogoutEvent::class => [
  129.                 'updateSessionAfterLogout',
  130.             ],
  131.             BeforeSendResponseEvent::class => [
  132.                 ['replaceCsrfToken'],
  133.                 ['setCanonicalUrl'],
  134.             ],
  135.             StorefrontRenderEvent::class => [
  136.                 ['addHreflang'],
  137.                 ['addShopIdParameter'],
  138.             ],
  139.         ];
  140.     }
  142.     public function startSession(): void
  143.     {
  144.         $master $this->requestStack->getMasterRequest();
  146.         if (!$master) {
  147.             return;
  148.         }
  149.         if (!$master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  150.             return;
  151.         }
  153.         if (!$master->hasSession()) {
  154.             return;
  155.         }
  157.         $session $master->getSession();
  158.         $applicationId $master->attributes->get(PlatformRequest::ATTRIBUTE_OAUTH_CLIENT_ID);
  160.         if (!$session->isStarted()) {
  161.             $session->setName('session-' $applicationId);
  162.             $session->start();
  163.             $session->set('sessionId'$session->getId());
  164.         }
  166.         $salesChannelId $master->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID);
  167.         if ($salesChannelId === null) {
  168.             /** @var SalesChannelContext|null $salesChannelContext */
  169.             $salesChannelContext $master->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT);
  170.             if ($salesChannelContext !== null) {
  171.                 $salesChannelId $salesChannelContext->getSalesChannel()->getId();
  172.             }
  173.         }
  175.         if (!$session->has(PlatformRequest::HEADER_CONTEXT_TOKEN) || $session->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID) !== $salesChannelId) {
  176.             $token Random::getAlphanumericString(32);
  177.             $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  178.             $session->set(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID$salesChannelId);
  179.         }
  181.         $master->headers->set(
  182.             PlatformRequest::HEADER_CONTEXT_TOKEN,
  183.             $session->get(PlatformRequest::HEADER_CONTEXT_TOKEN)
  184.         );
  185.     }
  187.     public function updateSessionAfterLogin(CustomerLoginEvent $event): void
  188.     {
  189.         $token $event->getContextToken();
  191.         $this->updateSession($token);
  192.     }
  194.     public function updateSessionAfterLogout(CustomerLogoutEvent $event): void
  195.     {
  196.         $newToken $event->getSalesChannelContext()->getToken();
  198.         $this->updateSession($newToken);
  199.     }
  201.     public function updateSession(string $token): void
  202.     {
  203.         $master $this->requestStack->getMasterRequest();
  204.         if (!$master) {
  205.             return;
  206.         }
  207.         if (!$master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  208.             return;
  209.         }
  211.         if (!$master->hasSession()) {
  212.             return;
  213.         }
  215.         $session $master->getSession();
  216.         $session->migrate();
  217.         $session->set('sessionId'$session->getId());
  219.         $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  220.         $master->headers->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  221.     }
  223.     public function showHtmlExceptionResponse(ExceptionEvent $event): void
  224.     {
  225.         if ($this->kernelDebug) {
  226.             return;
  227.         }
  229.         if (!$event->getRequest()->attributes->has(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)) {
  230.             //When no saleschannel context is resolved, we need to resolve it now.
  231.             $this->setSalesChannelContext($event);
  232.         }
  234.         if ($event->getRequest()->attributes->has(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)) {
  235.             $event->stopPropagation();
  236.             $response $this->errorController->error(
  237.                 $event->getThrowable(),
  238.                 $this->requestStack->getMasterRequest(),
  239.                 $event->getRequest()->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)
  240.             );
  241.             $event->setResponse($response);
  242.         }
  243.     }
  245.     public function customerNotLoggedInHandler(ExceptionEvent $event): void
  246.     {
  247.         if (!$event->getRequest()->attributes->has(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  248.             return;
  249.         }
  251.         if (!$event->getThrowable() instanceof CustomerNotLoggedInException) {
  252.             return;
  253.         }
  255.         $request $event->getRequest();
  257.         $parameters = [
  258.             'redirectTo' => $request->attributes->get('_route'),
  259.             'redirectParameters' => json_encode($request->attributes->get('_route_params')),
  260.         ];
  262.         $redirectResponse = new RedirectResponse($this->router->generate('frontend.account.login.page'$parameters));
  264.         $event->setResponse($redirectResponse);
  265.     }
  267.     public function maintenanceResolver(RequestEvent $event): void
  268.     {
  269.         if ($this->maintenanceModeResolver->shouldRedirect($event->getRequest())) {
  270.             $event->setResponse(
  271.                 new RedirectResponse(
  272.                     $this->router->generate('frontend.maintenance.page'),
  273.                     RedirectResponse::HTTP_TEMPORARY_REDIRECT
  274.                 )
  275.             );
  276.         }
  277.     }
  279.     public function preventPageLoadingFromXmlHttpRequest(ControllerEvent $event): void
  280.     {
  281.         if (!$event->getRequest()->isXmlHttpRequest()) {
  282.             return;
  283.         }
  285.         /** @var RouteScope $scope */
  286.         $scope $event->getRequest()->attributes->get(PlatformRequest::ATTRIBUTE_ROUTE_SCOPE, new RouteScope(['scopes' => []]));
  287.         if (!$scope->hasScope(StorefrontRouteScope::ID)) {
  288.             return;
  289.         }
  291.         $controller $event->getController();
  293.         // happens if Controller is a closure
  294.         if (!is_array($controller)) {
  295.             return;
  296.         }
  298.         $isAllowed $event->getRequest()->attributes->getBoolean('XmlHttpRequest'false);
  300.         if ($isAllowed) {
  301.             return;
  302.         }
  304.         throw new AccessDeniedHttpException('PageController can\'t be requested via XmlHttpRequest.');
  305.     }
  307.     public function setCanonicalUrl(BeforeSendResponseEvent $event): void
  308.     {
  309.         if (!$event->getResponse()->isSuccessful()) {
  310.             return;
  311.         }
  313.         if ($canonical $event->getRequest()->attributes->get(SalesChannelRequest::ATTRIBUTE_CANONICAL_LINK)) {
  314.             $canonical sprintf('<%s>; rel="canonical"'$canonical);
  315.             $event->getResponse()->headers->set('Link'$canonical);
  316.         }
  317.     }
  319.     public function replaceCsrfToken(BeforeSendResponseEvent $event): void
  320.     {
  321.         $event->setResponse(
  322.             $this->csrfPlaceholderHandler->replaceCsrfToken($event->getResponse(), $event->getRequest())
  323.         );
  324.     }
  326.     public function addHreflang(StorefrontRenderEvent $event): void
  327.     {
  328.         $request $event->getRequest();
  329.         $route $request->attributes->get('_route');
  331.         if ($route === null) {
  332.             return;
  333.         }
  335.         $routeParams $request->attributes->get('_route_params', []);
  336.         $salesChannelContext $request->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT);
  337.         $parameter = new HreflangLoaderParameter($route$routeParams$salesChannelContext);
  338.         $event->setParameter('hrefLang'$this->hreflangLoader->load($parameter));
  339.     }
  341.     public function addShopIdParameter(StorefrontRenderEvent $event): void
  342.     {
  343.         if (!$this->activeAppsLoader->getActiveApps()) {
  344.             return;
  345.         }
  347.         try {
  348.             $shopId $this->shopIdProvider->getShopId();
  349.         } catch (AppUrlChangeDetectedException $e) {
  350.             return;
  351.         }
  353.         $event->setParameter('appShopId'$shopId);
  354.         /*
  355.          * @deprecated tag:v6.4.0 use `appShopId` instead
  356.          */
  357.         $event->setParameter('swagShopId'$shopId);
  358.     }
  360.     private function setSalesChannelContext(ExceptionEvent $event): void
  361.     {
  362.         $contextToken $event->getRequest()->headers->get(PlatformRequest::HEADER_CONTEXT_TOKEN);
  363.         $salesChannelId $event->getRequest()->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID);
  365.         $context $this->contextService->get(
  366.             $salesChannelId,
  367.             $contextToken,
  368.             $event->getRequest()->headers->get(PlatformRequest::HEADER_LANGUAGE_ID),
  369.             $event->getRequest()->attributes->get(SalesChannelRequest::ATTRIBUTE_DOMAIN_CURRENCY_ID)
  370.         );
  371.         $event->getRequest()->attributes->set(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT$context);
  372.     }
  373. }