Commit
Showing
15 changed files
with
475 additions
and
72 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,36 +1,33 @@ | ||
<?php | ||
namespace Ise\WebSecurityBundle\DependencyInjection; | ||
|
||
use Exception; | ||
use Symfony\Component\DependencyInjection\ContainerBuilder; | ||
use Symfony\Component\HttpKernel\DependencyInjection\Extension; | ||
use Symfony\Component\Config\FileLocator; | ||
use Symfony\Component\DependencyInjection\Loader\XmlFileLoader; | ||
use Symfony\Component\DependencyInjection\Container; | ||
use Symfony\Component\DependencyInjection\Loader\YamlFileLoader; | ||
use Symfony\Component\DependencyInjection\Reference; | ||
use Symfony\Component\Yaml\Yaml; | ||
|
||
class IseWebSecurityExtension extends Extension | ||
{ | ||
public function load(array $configs, ContainerBuilder $container) | ||
{ | ||
//!Work in progress as described in Configuration.php To be rebuild in #7 and #3 | ||
$configuration = new Configuration(); | ||
|
||
$config = $this->processConfiguration($configuration, $configs); | ||
|
||
$container->setParameter('ise_security.coop.active', $config['coop']); | ||
$container->setParameter('ise_security.fetch_metadata.active', $config['fetch_metadata']['active']); | ||
$defaults = $config['defaults']; | ||
|
||
$loader = new YamlFileLoader( | ||
$container, | ||
new FileLocator(__DIR__.'/../Resources/config') | ||
); | ||
$loader->load('services.yaml'); | ||
|
||
$fetchMetaDataSubscriber = $container->getDefinition("ise_fetch_metadata.subscriber"); | ||
if ($config['fetch_metadata']['fetch_metadata_policy'] !== null) { | ||
$fetchMetaDataSubscriber->setArgument(1, new Reference($config['fetch_metadata']['fetch_metadata_policy'])); | ||
} | ||
|
||
$fetchMetaDataDefaultPolicy = $container->getDefinition("ise_fetch_metadata.default_policy"); | ||
$fetchMetaDataDefaultPolicy->setArgument(1, $config['fetch_metadata']['allowed_endpoints']); | ||
|
||
$configProvider = $container->getDefinition('ise_config.provider'); | ||
$configProvider->setArgument('$defaults', $defaults); | ||
$configProvider->setArgument('$paths', $config['paths']); | ||
} | ||
} |
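Review bot: In `load()`, `ise_security.coop.active` is assigned `$config['coop']` while the neighbouring `ise_security.fetch_metadata.active` reads the `['active']` sub-key. If `coop` is an array node in Configuration.php (not visible here), the parameter named `.active` would hold an array rather than a boolean and any truthiness check on it would always pass. Worth confirming against the config tree, or reading `$config['coop']['active']` to match. The old and new sides of this section cannot be told apart on this page, so this may concern a context line rather than an added one.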
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
<?php | ||
|
||
namespace Ise\WebSecurityBundle\Options; | ||
|
||
use Symfony\Component\HttpFoundation\Request; | ||
|
||
/** | ||
* ConfigurationProvider | ||
* Class implements the ConfigProviderInterface, parses paths and defaults config provided by the container to provide configuration for the current request route. | ||
*/ | ||
class ConfigProvider implements ConfigProviderInterface | ||
{ | ||
/** | ||
* Paths configuration, populated via container injection | ||
* | ||
* @var [mixed] | ||
*/ | ||
private $paths; | ||
/** | ||
* Defaults configuration, merged with per path config to ensure defaults are overwritten | ||
* | ||
* @var [mixed] | ||
*/ | ||
private $defaults; | ||
|
||
public function __construct($defaults = [], $paths = []) | ||
{ | ||
$this->defaults = $defaults; | ||
$this->paths = $paths; | ||
} | ||
/** | ||
* getPathConfig parses the request uri and attempt to match it against a path config, where the path config is used as a regex to match against the uri. | ||
* If no config is found, the default config is returned. | ||
* If a config is found, then the default and the path config is merged and returned in $options. | ||
* Path config is order dependant. IF '^/api' comes before '^/' in the config, then '^/api' will be applied and '^/' disregarded provided the first matches. | ||
* @param Request $request The request that is to be configured | ||
* @return array The Config to be applied to the Request. | ||
*/ | ||
public function getPathConfig(Request $request): array | ||
{ | ||
$uri = $request->getPathInfo() ?: '/'; | ||
foreach ($this->paths as $pathReg => $options) { | ||
//Check if there is a config that matches the ui | ||
if (preg_match('{'.$pathReg.'}i', $uri)) { | ||
$options = array_merge($this->defaults, $options); | ||
return $options; | ||
} | ||
} | ||
//Return the defaults if no path configs are found | ||
return $this->defaults; | ||
} | ||
} |
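Review bot: In `getPathConfig()`, `preg_match('{'.$pathReg.'}i', $uri)` returns `false` when a configured pattern fails to compile (for example one containing an unbalanced `}`), and the `if` treats that the same as "no match", so the request silently falls through to a later path entry or to the defaults. For a bundle that selects security policy per path, a broken pattern should fail loudly: `$m = preg_match('{'.$pathReg.'}i', $uri);` followed by `if ($m === false) { throw new \InvalidArgumentException('Invalid path pattern: '.$pathReg); }`, or the patterns could be validated once when the container is built. Separately, `array_merge` is shallow, so a nested option array in a path entry replaces the default's nested array instead of merging with it; the docblock should say so.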
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
<?php | ||
|
||
namespace Ise\WebSecurityBundle\Options; | ||
|
||
use Symfony\Component\HttpFoundation\Request; | ||
|
||
/** | ||
* ConfigProviderInterface for creating and defining Configuration providers. | ||
*/ | ||
interface ConfigProviderInterface | ||
{ | ||
public function getPathConfig(Request $request): array; | ||
} |
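Review bot: `getPathConfig()` is declared without a docblock, so the contract that implementers must honour is only written down on the concrete `ConfigProvider`. I would document it on the interface, for example `/** Returns the options for the request's path; implementations must return the defaults when no path entry matches. */`, so alternative providers cannot return an empty array and leave a request without any policy.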
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
<?php | ||
|
||
namespace Ise\WebSecurityBundle\Policies; | ||
|
||
use InvalidArgumentException; | ||
|
||
/** Factory Class for handling dynamic injection of Fetch Metadata Policies. | ||
* Fetch Metadata policies are injected based on the pathConfig for a particular request. If no policy is configured the default Policy is returned. | ||
* If a configured class does not implement the FetchMetadataPolicyInterface, then an Exception is thrown. | ||
* @param array $pathConfig Array of path configuration generated by a ConfigurationProvider | ||
* @return FetchMetadataPolicyInterface | ||
*/ | ||
class FetchMetadataPolicyProvider | ||
{ | ||
public function getFetchMetadataPolicy(array $pathConfig): FetchMetadataPolicyInterface | ||
{ | ||
if (isset($pathConfig['policy'])) { | ||
$policy = new $pathConfig['policy']; | ||
if (is_subclass_of($policy, FetchMetadataPolicyInterface::class)) { | ||
return $policy; | ||
} else { | ||
throw new InvalidArgumentException("Policy ".$pathConfig['policy']." does not implement FetchMetadataPolicyInterface and may not be a valid policy"); | ||
} | ||
} else { | ||
$allowedOrigins = $pathConfig["allowed_origins"] ?? []; | ||
return new FetchMetadataDefaultPolicy($allowedOrigins); | ||
} | ||
} | ||
} |
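Review bot: In `getFetchMetadataPolicy()`, `new $pathConfig['policy']` instantiates whatever class the config names before the `is_subclass_of` check runs, so the constructor of a non-policy class executes first and a missing class surfaces as an `Error` instead of the intended `InvalidArgumentException`. `is_subclass_of` accepts a class-name string, so the check can come first: `$class = $pathConfig['policy'];`, then `if (!is_string($class) || !is_subclass_of($class, FetchMetadataPolicyInterface::class)) { throw new InvalidArgumentException(...); }`, then `return new $class();`. The `@param`/`@return` tags in the class docblock describe the method and belong on `getFetchMetadataPolicy()` itself.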