vincentchalamon/AuthorizationEventSubscriber.php

## AuthorizationEventSubscriber.php
<?php

declare(strict_types=1);

namespace App\Mercure\EventSubscriber;

use App\Mercure\JwtProvider;
use Fig\Link\Link;
use Psr\Link\LinkProviderInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;

/**
 * @author Vincent Chalamon <vincent@les-tilleuls.coop>
 */
final class AuthorizationEventSubscriber implements EventSubscriberInterface
{
    private $jwtProvider;

    public function __construct(JwtProvider $jwtProvider)
    {
        $this->jwtProvider = $jwtProvider;
    }

    public static function getSubscribedEvents(): array
    {
        return [
            KernelEvents::RESPONSE => 'onKernelResponse',
        ];
    }

    public function onKernelResponse(FilterResponseEvent $event): void
    {
        $attributes = $event->getRequest()->attributes;
        if (!$attributes->has('_links') || !$attributes->get('_links') instanceof LinkProviderInterface) {
            return;
        }

        foreach ($attributes->get('_links')->getLinks() as $link) {
            /** @var Link $link */
            if (\in_array('mercure', $link->getRels(), true)) {
                // Add Mercure cookie with JWT only if Mercure hub url is present in Links response header
                $event->getResponse()->headers->set(
                    'set-cookie',
                    sprintf('mercureAuthorization=%s; path=/hub; secure; httponly; SameSite=strict', ($this->jwtProvider)())
                );
            }
        }
    }
}
	<?php

	declare(strict_types=1);

	namespace App\Mercure\EventSubscriber;

	use App\Mercure\JwtProvider;
	use Fig\Link\Link;
	use Psr\Link\LinkProviderInterface;
	use Symfony\Component\EventDispatcher\EventSubscriberInterface;
	use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
	use Symfony\Component\HttpKernel\KernelEvents;

	/**
	* @author Vincent Chalamon <vincent@les-tilleuls.coop>
	*/
	final class AuthorizationEventSubscriber implements EventSubscriberInterface
	{
	private $jwtProvider;

	public function __construct(JwtProvider $jwtProvider)
	{
	$this->jwtProvider = $jwtProvider;
	}

	public static function getSubscribedEvents(): array
	{
	return [
	KernelEvents::RESPONSE => 'onKernelResponse',
	];
	}

	public function onKernelResponse(FilterResponseEvent $event): void
	{
	$attributes = $event->getRequest()->attributes;
	if (!$attributes->has('_links') \|\| !$attributes->get('_links') instanceof LinkProviderInterface) {
	return;
	}

	foreach ($attributes->get('_links')->getLinks() as $link) {
	/** @var Link $link */
	if (\in_array('mercure', $link->getRels(), true)) {
	// Add Mercure cookie with JWT only if Mercure hub url is present in Links response header
	$event->getResponse()->headers->set(
	'set-cookie',
	sprintf('mercureAuthorization=%s; path=/hub; secure; httponly; SameSite=strict', ($this->jwtProvider)())
	);
	}
	}
	}
	}