Skip to content

Instantly share code, notes, and snippets.

@bwaidelich

bwaidelich/SiteRequestPattern.php

Last active June 6, 2019 12:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bwaidelich/768b224b008a0326ea3f7778e7625a59 to your computer and use it in GitHub Desktop.
Save bwaidelich/768b224b008a0326ea3f7778e7625a59 to your computer and use it in GitHub Desktop.
Download ZIP
Neos Flow Authentication Provider Request Pattern matching Neos Sites by their node name
Raw
SiteRequestPattern.php
<?php
declare(strict_types=1);
namespace Some\Package;
use Neos\Flow\Annotations as Flow;
use Neos\Flow\Mvc\ActionRequest;
use Neos\Flow\Mvc\RequestInterface;
use Neos\Flow\Security\Context;
use Neos\Flow\Security\Exception as SecurityException;
use Neos\Flow\Security\Exception\InvalidRequestPatternException;
use Neos\Flow\Security\RequestPatternInterface;
use Neos\Neos\Domain\Model\Domain;
use Neos\Neos\Domain\Repository\DomainRepository;
/**
* Request Pattern to match Neos Sites
*/
final class SiteRequestPattern implements RequestPatternInterface
{
/**
* @Flow\Inject
* @var DomainRepository
*/
protected $domainRepository;
/**
* @Flow\Inject
* @var Context
*/
protected $securityContext;
/**
* @var string
*/
private $siteNodeName;
/**
* @param array $options
* @throws InvalidRequestPatternException
*/
public function __construct(array $options)
{
if (!isset($options['siteNodeName'])) {
throw new InvalidRequestPatternException('Missing option "siteNodeName" in the Host request pattern configuration', 1559744836);
}
$this->siteNodeName = $options['siteNodeName'];
}
/**
* @param RequestInterface $request
* @return bool
* @throws SecurityException
*/
public function matchRequest(RequestInterface $request): bool
{
if (!$request instanceof ActionRequest) {
throw new SecurityException('This pattern can only act on instances of ActionRequest', 1559747092);
}
$hostName = $request->getHttpRequest()->getUri()->getHost();
/** @var Domain|null $domain */
$domain = null;
try {
$this->securityContext->withoutAuthorizationChecks(function () use ($hostName, &$domain) {
$domain = $this->domainRepository->findOneByHost($hostName, true);
});
} catch (\Exception $e) {
throw new SecurityException(sprintf('Exception while trying to determine active host: %s', $e->getMessage()), 1559747092, $e);
}
if ($domain === null) {
throw new SecurityException(sprintf('No active domain could be found for the current host ("%s")', $hostName), 1559747092);
}
$site = $domain->getSite();
// HACK the provider is currently triggered twice - the first time doctrine is not initialized properly..
if ($site->getNodeName() === null) {
return false;
}
return $domain->getSite()->getNodeName() === $this->siteNodeName;
}
}
@bwaidelich
Copy link
Author

Usage:

Neos:
  Flow:
    security:
      authentication:
        providers:
          'some-provider':
            provider: 'Some\Package\SomeProvider'
            requestPatterns:
              'Some.Package:SomeSite':
                pattern: 'Some\Package\SiteRequestPattern'
                patternOptions:
                  'siteNodeName': 'some-site'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment