Create API trait

classes/shop/Shop.php

@@ -51,16 +51,16 @@ class ShopCore extends ObjectModel
     public $active = true;
     public $deleted;
 
-    /** @var string Physical uri of main url (read only) */
+    /** @var ?string Physical uri of main url (read only) */
     public $physical_uri;
 
-    /** @var string Virtual uri of main url (read only) */
+    /** @var ?string Virtual uri of main url (read only) */
     public $virtual_uri;
 
-    /** @var string Domain of main url (read only) */
+    /** @var ?string Domain of main url (read only) */
     public $domain;
 
-    /** @var string Domain SSL of main url (read only) */
+    /** @var ?string Domain SSL of main url (read only) */
     public $domain_ssl;
 
     /** @var ShopGroup|null Shop group object */

src/PrestaShopBundle/EventListener/Context/Admin/CountryContextListener.php

@@ -30,10 +30,13 @@
 
 use PrestaShop\PrestaShop\Core\ConfigurationInterface;
 use PrestaShop\PrestaShop\Core\Context\CountryContextBuilder;
+use PrestaShopBundle\EventListener\ExternalApiTrait;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 
 class CountryContextListener
 {
+    use ExternalApiTrait;
+
     public function __construct(
         private readonly CountryContextBuilder $countryContextBuilder,
         private readonly ConfigurationInterface $configuration
@@ -42,7 +45,7 @@ public function __construct(
 
     public function onKernelRequest(RequestEvent $event): void
     {
-        if (!$event->isMainRequest()) {
+        if (!$event->isMainRequest() || $this->isExternalApiRequest($event->getRequest())) {
             return;
         }
 

src/PrestaShopBundle/EventListener/Context/Admin/CurrencyContextListener.php

@@ -30,10 +30,13 @@
 
 use PrestaShop\PrestaShop\Core\ConfigurationInterface;
 use PrestaShop\PrestaShop\Core\Context\CurrencyContextBuilder;
+use PrestaShopBundle\EventListener\ExternalApiTrait;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 
 class CurrencyContextListener
 {
+    use ExternalApiTrait;
+
     public function __construct(
         private readonly CurrencyContextBuilder $currencyContextBuilder,
         private readonly ConfigurationInterface $configuration,
@@ -42,7 +45,7 @@ public function __construct(
 
     public function onKernelRequest(RequestEvent $event): void
     {
-        if (!$event->isMainRequest()) {
+        if (!$event->isMainRequest() || $this->isExternalApiRequest($event->getRequest())) {
             return;
         }
 

src/PrestaShopBundle/EventListener/Context/Admin/EmployeeContextListener.php

@@ -30,13 +30,16 @@
 
 use PrestaShop\PrestaShop\Adapter\LegacyContext;
 use PrestaShop\PrestaShop\Core\Context\EmployeeContextBuilder;
+use PrestaShopBundle\EventListener\ExternalApiTrait;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 
 /**
  * @experimental Depends on ADR https://github.com/PrestaShop/ADR/pull/36
  */
 class EmployeeContextListener
 {
+    use ExternalApiTrait;
+
     public function __construct(
         private readonly EmployeeContextBuilder $employeeContextBuilder,
         private readonly LegacyContext $legacyContext
@@ -45,7 +48,7 @@ public function __construct(
 
     public function onKernelRequest(RequestEvent $event): void
     {
-        if (!$event->isMainRequest()) {
+        if (!$event->isMainRequest() || $this->isExternalApiRequest($event->getRequest())) {
             return;
         }
 

src/PrestaShopBundle/EventListener/Context/Admin/LegacyContextListener.php

@@ -29,6 +29,7 @@
 namespace PrestaShopBundle\EventListener\Context\Admin;
 
 use PrestaShop\PrestaShop\Core\Context\LegacyContextBuilderInterface;
+use PrestaShopBundle\EventListener\ExternalApiTrait;
 use Symfony\Component\HttpKernel\Event\ControllerEvent;
 
 /**
@@ -45,6 +46,8 @@
  */
 class LegacyContextListener
 {
+    use ExternalApiTrait;
+
     /**
      * @param iterable|LegacyContextBuilderInterface[] $legacyBuilders
      */
@@ -55,7 +58,7 @@ public function __construct(
 
     public function onKernelController(ControllerEvent $event): void
     {
-        if (!$event->isMainRequest()) {
+        if (!$event->isMainRequest() || $this->isExternalApiRequest($event->getRequest())) {
             return;
         }
 

src/PrestaShopBundle/EventListener/Context/Admin/LegacyControllerContextListener.php

@@ -29,7 +29,7 @@
 namespace PrestaShopBundle\EventListener\Context\Admin;
 
 use PrestaShop\PrestaShop\Core\Context\LegacyControllerContextBuilder;
-use PrestaShopBundle\EventListener\ApiTrait;
+use PrestaShopBundle\EventListener\ExternalApiTrait;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 
@@ -38,7 +38,7 @@
  */
 class LegacyControllerContextListener
 {
-    use ApiTrait;
+    use ExternalApiTrait;
 
     public function __construct(
         private readonly LegacyControllerContextBuilder $legacyControllerContextBuilder,
@@ -47,7 +47,7 @@ public function __construct(
 
     public function onKernelRequest(RequestEvent $event): void
     {
-        if (!$event->isMainRequest() || $this->isApiRequest($event->getRequest())) {
+        if (!$event->isMainRequest() || $this->isExternalApiRequest($event->getRequest())) {
             return;
         }
 

src/PrestaShopBundle/EventListener/Context/Admin/ShopContextListener.php

@@ -35,6 +35,7 @@
 use PrestaShop\PrestaShop\Core\Domain\Configuration\ShopConfigurationInterface;
 use PrestaShop\PrestaShop\Core\Domain\Shop\ValueObject\ShopConstraint;
 use PrestaShop\PrestaShop\Core\Util\Url\UrlCleaner;
+use PrestaShopBundle\EventListener\ExternalApiTrait;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 
@@ -43,6 +44,8 @@
  */
 class ShopContextListener
 {
+    use ExternalApiTrait;
+
     public function __construct(
         private readonly ShopContextBuilder $shopContextBuilder,
         private readonly EmployeeContext $employeeContext,
@@ -58,7 +61,7 @@ public function onKernelRequest(RequestEvent $event): void
         // either that or the listener itself should be configured in a way so that it only is used in BO context
         // because in FO we don't handle shop context the same way (there can be only one shop and no shop context
         // switching is possible)
-        if (!$event->isMainRequest()) {
+        if (!$event->isMainRequest() || $this->isExternalApiRequest($event->getRequest())) {
             return;
         }
 

src/PrestaShopBundle/EventListener/ExternalApiTrait.php

@@ -0,0 +1,47 @@
+<?php
+/**
+ * Copyright since 2007 PrestaShop SA and Contributors
+ * PrestaShop is an International Registered Trademark & Property of PrestaShop SA
+ *
+ * NOTICE OF LICENSE
+ *
+ * This source file is subject to the Open Software License (OSL 3.0)
+ * that is bundled with this package in the file LICENSE.md.
+ * It is also available through the world-wide-web at this URL:
+ * https://opensource.org/licenses/OSL-3.0
+ * If you did not receive a copy of the license and are unable to
+ * obtain it through the world-wide-web, please send an email
+ * to license@prestashop.com so we can send you a copy immediately.
+ *
+ * DISCLAIMER
+ *
+ * Do not edit or add to this file if you wish to upgrade PrestaShop to newer
+ * versions in the future. If you wish to customize PrestaShop for your
+ * needs please refer to https://devdocs.prestashop.com/ for more information.
+ *
+ * @author    PrestaShop SA and Contributors <contact@prestashop.com>
+ * @copyright Since 2007 PrestaShop SA and Contributors
+ * @license   https://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
+ */
+
+declare(strict_types=1);
+
+namespace PrestaShopBundle\EventListener;
+
+use PrestaShopBundle\Controller\Api\OAuth2\AccessTokenController;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * Utility Trait, enabling the detection of whether a request is an external API request.
+ * This allows us to condition listeners and thus control the creation of contexts.
+ */
+trait ExternalApiTrait
+{
+    protected function isExternalApiRequest(Request $request): bool
+    {
+        return in_array(
+            $request->attributes->get('_controller'),
+            [AccessTokenController::class, 'api_platform.action.placeholder']
+        );
+    }
+}

src/PrestaShopBundle/Security/SslMiddleware.php

@@ -29,7 +29,7 @@
 namespace PrestaShopBundle\Security;
 
 use PrestaShop\PrestaShop\Core\ConfigurationInterface;
-use PrestaShopBundle\Controller\Api\OAuth2\AccessTokenController;
+use PrestaShopBundle\EventListener\ExternalApiTrait;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -45,6 +45,8 @@
  */
 class SslMiddleware
 {
+    use ExternalApiTrait;
+
     private const AVAILABLE_SECURE_PROTOCOLS = ['tls/1.2', 'tls/1.3'];
 
     /**
@@ -72,14 +74,14 @@ public function onKernelRequest(RequestEvent $event): void
         }
 
         //If It's an API call and not using https, redirect to https
-        if ($this->isApi($event->getRequest()) && !$event->getRequest()->isSecure()) {
+        if ($this->isExternalApiRequest($event->getRequest()) && !$event->getRequest()->isSecure()) {
             $this->redirectToSsl($event);
 
             return;
         }
 
         //If It's an API call and not using TLS 1.2+, display error message
-        if ($this->isApi($event->getRequest())) {
+        if ($this->isExternalApiRequest($event->getRequest())) {
             $this->upgradeProtocol($event);
 
             return;
@@ -108,21 +110,13 @@ private function isSSLrequirementsMet(Request $request): bool
         if ($this->configuration->get('_PS_API_FORCE_TLS_VERSION_') === false) {
             return true;
         }
-        if ($this->isApi($request)) {
+        if ($this->isExternalApiRequest($request)) {
             return $this->isTLSVersionAccepted($request);
         }
 
         return $request->isSecure();
     }
 
-    private function isApi(Request $request): bool
-    {
-        return in_array(
-            $request->attributes->get('_controller'),
-            [AccessTokenController::class, 'api_platform.action.placeholder']
-        );
-    }
-
     private function isTLSVersionAccepted(Request $request): bool
     {
         // Probably using another webserver than Apache