Http/Firewall.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

<?php

/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\Security\Http;

use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\Events;
use Symfony\Component\HttpKernel\Event\RequestEventArgs;
use Symfony\Component\HttpFoundation\Request;
use Doctrine\Common\EventManager;

/**
 * Firewall uses a FirewallMap to register security listeners for the given
 * request.
 *
 * It allows for different security strategies within the same application
 * (a Basic authentication for the /api, and a web based authentication for
 * everything else for instance).
 *
 * @author Fabien Potencier <fabien.potencier@symfony-project.com>
 */
class Firewall
{
    protected $map;
    protected $evm;
    protected $currentListeners;

    /**
     * Constructor.
     *
     * @param FirewallMap $map A FirewallMap instance
     */
    public function __construct(FirewallMapInterface $map, EventManager $evm)
    {
        $this->map = $map;
        $this->evm = $evm;
        $this->currentListeners = array();
    }

    /**
     * Handles security.
     *
     * @param RequestEventArgs $eventArgs An RequestEventArgs instance
     */
    public function onCoreRequest(RequestEventArgs $eventArgs)
    {
        if (HttpKernelInterface::MASTER_REQUEST !== $eventArgs->getRequestType()) {
            return;
        }

        $request = $eventArgs->getRequest();

        // disconnect all listeners from onCoreSecurity to avoid the overhead
        // of most listeners having to do this manually
        $this->evm->removeEventListeners(Events::onCoreSecurity);

        // ensure that listeners disconnect from wherever they have connected to
        foreach ($this->currentListeners as $listener) {
            $listener->unregister($this->evm);
        }

        // register listeners for this firewall
        list($listeners, $exception) = $this->map->getListeners($request);
        if (null !== $exception) {
            $exception->register($this->evm);
        }
        foreach ($listeners as $listener) {
            $listener->register($this->evm);
        }

        // save current listener instances
        $this->currentListeners = $listeners;
        if (null !== $exception) {
            $this->currentListeners[] = $exception;
        }

        // initiate the listener chain
        $securityEventArgs = new RequestEventArgs($eventArgs->getKernel(), $request, $eventArgs->getRequestType());
        $this->evm->dispatchEvent($securityEventArgs);

        if ($securityEventArgs->hasResponse()) {
            $eventArgs->setResponse($securityEventArgs->getResponse());
        }
    }
}