vendor/shopware/storefront/Framework/Routing/StorefrontSubscriber.php line 218

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Storefront\Framework\Routing;
  5. use Shopware\Core\Checkout\Cart\Exception\CustomerNotLoggedInException;
  6. use Shopware\Core\Checkout\Customer\Event\CustomerLoginEvent;
  7. use Shopware\Core\Content\Seo\HreflangLoaderInterface;
  8. use Shopware\Core\Content\Seo\HreflangLoaderParameter;
  9. use Shopware\Core\Framework\App\ActiveAppsLoader;
  10. use Shopware\Core\Framework\App\Exception\AppUrlChangeDetectedException;
  11. use Shopware\Core\Framework\App\ShopId\ShopIdProvider;
  12. use Shopware\Core\Framework\Event\BeforeSendResponseEvent;
  13. use Shopware\Core\Framework\Feature;
  14. use Shopware\Core\Framework\Routing\Annotation\RouteScope;
  15. use Shopware\Core\Framework\Routing\KernelListenerPriorities;
  16. use Shopware\Core\Framework\Util\Random;
  17. use Shopware\Core\PlatformRequest;
  18. use Shopware\Core\SalesChannelRequest;
  19. use Shopware\Core\System\SalesChannel\Context\SalesChannelContextServiceInterface;
  20. use Shopware\Storefront\Controller\ErrorController;
  21. use Shopware\Storefront\Event\StorefrontRenderEvent;
  22. use Shopware\Storefront\Framework\Csrf\CsrfPlaceholderHandler;
  23. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  24. use Symfony\Component\HttpFoundation\RedirectResponse;
  25. use Symfony\Component\HttpFoundation\RequestStack;
  26. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  27. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  28. use Symfony\Component\HttpKernel\Event\RequestEvent;
  29. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  30. use Symfony\Component\HttpKernel\KernelEvents;
  31. use Symfony\Component\Routing\RouterInterface;
  33. class StorefrontSubscriber implements EventSubscriberInterface
  34. {
  35.     /**
  36.      * @var RequestStack
  37.      */
  38.     private $requestStack;
  40.     /**
  41.      * @var RouterInterface
  42.      */
  43.     private $router;
  45.     /**
  46.      * @var ErrorController
  47.      */
  48.     private $errorController;
  50.     /**
  51.      * @var SalesChannelContextServiceInterface
  52.      */
  53.     private $contextService;
  55.     /**
  56.      * @var bool
  57.      */
  58.     private $kernelDebug;
  60.     /**
  61.      * @var CsrfPlaceholderHandler
  62.      */
  63.     private $csrfPlaceholderHandler;
  65.     /**
  66.      * @var MaintenanceModeResolver
  67.      */
  68.     private $maintenanceModeResolver;
  70.     /**
  71.      * @var HreflangLoaderInterface
  72.      */
  73.     private $hreflangLoader;
  75.     /**
  76.      * @var ShopIdProvider|null
  77.      */
  78.     private $shopIdProvider;
  80.     /**
  81.      * @var ActiveAppsLoader|null
  82.      */
  83.     private $activeAppsLoader;
  85.     public function __construct(
  86.         RequestStack $requestStack,
  87.         RouterInterface $router,
  88.         ErrorController $errorController,
  89.         SalesChannelContextServiceInterface $contextService,
  90.         CsrfPlaceholderHandler $csrfPlaceholderHandler,
  91.         HreflangLoaderInterface $hreflangLoader,
  92.         bool $kernelDebug,
  93.         MaintenanceModeResolver $maintenanceModeResolver,
  94.         ?ShopIdProvider $shopIdProvider,
  95.         ?ActiveAppsLoader $activeAppsLoader
  96.     ) {
  97.         $this->requestStack $requestStack;
  98.         $this->router $router;
  99.         $this->errorController $errorController;
  100.         $this->contextService $contextService;
  101.         $this->kernelDebug $kernelDebug;
  102.         $this->csrfPlaceholderHandler $csrfPlaceholderHandler;
  103.         $this->maintenanceModeResolver $maintenanceModeResolver;
  104.         $this->hreflangLoader $hreflangLoader;
  105.         $this->shopIdProvider $shopIdProvider;
  106.         $this->activeAppsLoader $activeAppsLoader;
  107.     }
  109.     public static function getSubscribedEvents(): array
  110.     {
  111.         return [
  112.             KernelEvents::REQUEST => [
  113.                 ['startSession'40],
  114.                 ['maintenanceResolver'],
  115.             ],
  116.             KernelEvents::EXCEPTION => [
  117.                 ['showHtmlExceptionResponse', -100],
  118.                 ['customerNotLoggedInHandler'],
  119.                 ['maintenanceResolver'],
  120.             ],
  121.             KernelEvents::CONTROLLER => [
  122.                 ['preventPageLoadingFromXmlHttpRequest'KernelListenerPriorities::KERNEL_CONTROLLER_EVENT_SCOPE_VALIDATE],
  123.             ],
  124.             CustomerLoginEvent::class => [
  125.                 'updateSession',
  126.             ],
  127.             BeforeSendResponseEvent::class => [
  128.                 ['replaceCsrfToken'],
  129.                 ['setCanonicalUrl'],
  130.             ],
  131.             StorefrontRenderEvent::class => [
  132.                 ['addHreflang'],
  133.                 ['addShopIdParameter'],
  134.             ],
  135.         ];
  136.     }
  138.     public function startSession(): void
  139.     {
  140.         $master $this->requestStack->getMasterRequest();
  142.         if (!$master) {
  143.             return;
  144.         }
  145.         if (!$master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  146.             return;
  147.         }
  149.         if (!$master->hasSession()) {
  150.             return;
  151.         }
  153.         $session $master->getSession();
  154.         $applicationId $master->attributes->get(PlatformRequest::ATTRIBUTE_OAUTH_CLIENT_ID);
  156.         if (!$session->isStarted()) {
  157.             $session->setName('session-' $applicationId);
  158.             $session->start();
  159.             $session->set('sessionId'$session->getId());
  160.         }
  162.         if (!$session->has(PlatformRequest::HEADER_CONTEXT_TOKEN)) {
  163.             $token Random::getAlphanumericString(32);
  164.             $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  165.         }
  167.         $master->headers->set(
  168.             PlatformRequest::HEADER_CONTEXT_TOKEN,
  169.             $session->get(PlatformRequest::HEADER_CONTEXT_TOKEN)
  170.         );
  171.     }
  173.     public function updateSession(CustomerLoginEvent $event): void
  174.     {
  175.         $master $this->requestStack->getMasterRequest();
  176.         if (!$master) {
  177.             return;
  178.         }
  179.         if (!$master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  180.             return;
  181.         }
  183.         if (!$master->hasSession()) {
  184.             return;
  185.         }
  187.         $session $master->getSession();
  188.         $session->migrate();
  189.         $session->set('sessionId'$session->getId());
  191.         $token $event->getContextToken();
  192.         $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  193.         $master->headers->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  194.     }
  196.     public function showHtmlExceptionResponse(ExceptionEvent $event): void
  197.     {
  198.         if ($this->kernelDebug) {
  199.             return;
  200.         }
  202.         if (!$event->getRequest()->attributes->has(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)) {
  203.             //When no saleschannel context is resolved, we need to resolve it now.
  204.             $this->setSalesChannelContext($event);
  205.         }
  207.         if ($event->getRequest()->attributes->has(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)) {
  208.             $event->stopPropagation();
  209.             $response $this->errorController->error(
  210.                 $event->getThrowable(),
  211.                 $this->requestStack->getMasterRequest(),
  212.                 $event->getRequest()->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT)
  213.             );
  214.             $event->setResponse($response);
  215.         }
  216.     }
  218.     public function customerNotLoggedInHandler(ExceptionEvent $event): void
  219.     {
  220.         if (!$event->getRequest()->attributes->has(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
  221.             return;
  222.         }
  224.         if (!$event->getThrowable() instanceof CustomerNotLoggedInException) {
  225.             return;
  226.         }
  228.         $request $event->getRequest();
  230.         $parameters = [
  231.             'redirectTo' => $request->attributes->get('_route'),
  232.             'redirectParameters' => json_encode($request->attributes->get('_route_params')),
  233.         ];
  235.         $redirectResponse = new RedirectResponse($this->router->generate('frontend.account.login.page'$parameters));
  237.         $event->setResponse($redirectResponse);
  238.     }
  240.     public function maintenanceResolver(RequestEvent $event): void
  241.     {
  242.         if ($this->maintenanceModeResolver->shouldRedirect($event->getRequest())) {
  243.             $event->setResponse(
  244.                 new RedirectResponse($this->router->generate('frontend.maintenance.page'))
  245.             );
  246.         }
  247.     }
  249.     public function preventPageLoadingFromXmlHttpRequest(ControllerEvent $event): void
  250.     {
  251.         if (!$event->getRequest()->isXmlHttpRequest()) {
  252.             return;
  253.         }
  255.         /** @var RouteScope $scope */
  256.         $scope $event->getRequest()->attributes->get(PlatformRequest::ATTRIBUTE_ROUTE_SCOPE, new RouteScope(['scopes' => []]));
  257.         if (!$scope->hasScope(StorefrontRouteScope::ID)) {
  258.             return;
  259.         }
  261.         $controller $event->getController();
  263.         // happens if Controller is a closure
  264.         if (!is_array($controller)) {
  265.             return;
  266.         }
  268.         $isAllowed $event->getRequest()->attributes->getBoolean('XmlHttpRequest'false);
  270.         if ($isAllowed) {
  271.             return;
  272.         }
  274.         throw new AccessDeniedHttpException('PageController can\'t be requested via XmlHttpRequest.');
  275.     }
  277.     public function setCanonicalUrl(BeforeSendResponseEvent $event): void
  278.     {
  279.         if (!$event->getResponse()->isSuccessful()) {
  280.             return;
  281.         }
  283.         if ($canonical $event->getRequest()->attributes->get(SalesChannelRequest::ATTRIBUTE_CANONICAL_LINK)) {
  284.             $canonical sprintf('<%s>; rel="canonical"'$canonical);
  285.             $event->getResponse()->headers->set('Link'$canonical);
  286.         }
  287.     }
  289.     public function replaceCsrfToken(BeforeSendResponseEvent $event): void
  290.     {
  291.         $event->setResponse(
  292.             $this->csrfPlaceholderHandler->replaceCsrfToken($event->getResponse(), $event->getRequest())
  293.         );
  294.     }
  296.     public function addHreflang(StorefrontRenderEvent $event): void
  297.     {
  298.         $request $event->getRequest();
  299.         $route $request->attributes->get('_route');
  301.         if ($route === null) {
  302.             return;
  303.         }
  305.         $routeParams $request->attributes->get('_route_params', []);
  306.         $salesChannelContext $request->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT);
  307.         $parameter = new HreflangLoaderParameter($route$routeParams$salesChannelContext);
  308.         $event->setParameter('hrefLang'$this->hreflangLoader->load($parameter));
  309.     }
  311.     public function addShopIdParameter(StorefrontRenderEvent $event): void
  312.     {
  313.         // remove nullable props and on-invalid=null behaviour in service declaration
  314.         // when removing the feature flag
  315.         if (!$this->activeAppsLoader || !$this->shopIdProvider || !Feature::isActive('FEATURE_NEXT_10286')) {
  316.             return;
  317.         }
  319.         if (!$this->activeAppsLoader->getActiveApps()) {
  320.             return;
  321.         }
  323.         try {
  324.             $shopId $this->shopIdProvider->getShopId();
  325.         } catch (AppUrlChangeDetectedException $e) {
  326.             return;
  327.         }
  329.         $event->setParameter('appShopId'$shopId);
  330.         /*
  331.          * @deprecated tag:v6.4.0 use `appShopId` instead
  332.          */
  333.         $event->setParameter('swagShopId'$shopId);
  334.     }
  336.     private function setSalesChannelContext(ExceptionEvent $event): void
  337.     {
  338.         $contextToken $event->getRequest()->headers->get(PlatformRequest::HEADER_CONTEXT_TOKEN);
  339.         $salesChannelId $event->getRequest()->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID);
  341.         $context $this->contextService->get(
  342.             $salesChannelId,
  343.             $contextToken,
  344.             $event->getRequest()->headers->get(PlatformRequest::HEADER_LANGUAGE_ID)
  345.         );
  346.         $event->getRequest()->attributes->set(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT$context);
  347.     }
  348. }