src/Adapter/Api/EventListener/ApiAuthorizationListener.php line 51

Open in your IDE?
  1. <?php
  2. /**
  3.  * Created by PhpStorm.
  4.  * User: matijajanc
  5.  * Date: 22/05/2018
  6.  * Time: 15:18
  7.  */
  9. namespace App\Adapter\Api\EventListener;
  11. use App\Adapter\Api\Annotations\ApiAuthorization;
  12. use App\Adapter\Api\Exception\ApiException;
  13. use App\Adapter\Api\Service\Validators\ApiValidator;
  14. use Doctrine\Common\Annotations\Reader;
  15. use Doctrine\Common\Util\ClassUtils;
  16. use Nelmio\ApiDocBundle\Controller\SwaggerUiController;
  17. use ReflectionClass;
  18. use ReflectionObject;
  19. use Symfony\Bundle\FrameworkBundle\Controller\Controller;
  20. use Symfony\Component\HttpFoundation\Response;
  21. use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
  23. class ApiAuthorizationListener
  24. {
  25.     /**
  26.      * @var Reader
  27.      */
  28.     private $reader;
  30.     /**
  31.      * @var ApiValidator
  32.      */
  33.     private $validator;
  35.     /**
  36.      * ApiAuthorizationListener constructor.
  37.      * @param Reader $reader
  38.      * @param ApiValidator $validator
  39.      */
  40.     public function __construct(Reader $readerApiValidator $validator)
  41.     {
  42.         $this->reader $reader;
  43.         $this->validator $validator;
  44.     }
  46.     /**
  47.      * @param FilterControllerEvent $event
  48.      * @throws ApiException
  49.      * @throws \ReflectionException
  50.      */
  51.     public function onKernelController(FilterControllerEvent $event)
  52.     {
  53.         $controller $event->getController();
  54.         $request $event->getRequest();
  56.         if (!$controller instanceof SwaggerUiController) {
  57.             /** @var Controller $controllerObject */
  58.             list($controllerObject$methodName) = $controller;
  60.             if ($controllerObject instanceof Controller
  61.                 && $this->hasApiAuthorizationAnnotation($controllerObject$methodName)
  62.             ) {
  63.                 if (!$this->validator->validateUserAgent($request)) {
  64.                     throw new ApiException(['ERR-301''User agent is required'], Response::HTTP_UNAUTHORIZED);
  65.                 }
  66.             }
  67.         }
  68.     }
  70.     /**
  71.      * @param Controller $controllerObject
  72.      * @param $methodName
  73.      * @return bool
  74.      * @throws \ReflectionException
  75.      */
  76.     private function hasApiAuthorizationAnnotation(Controller $controllerObject$methodName)
  77.     {
  78.         $tokenAnnotation ApiAuthorization::class;
  79.         $hasAnnotation false;
  81.         $classAnnotation $this->reader->getClassAnnotation(
  82.             new ReflectionClass(ClassUtils::getClass($controllerObject)),
  83.             $tokenAnnotation
  84.         );
  86.         if ($classAnnotation) {
  87.             $hasAnnotation true;
  88.         }
  90.         $controllerReflectionObject = new ReflectionObject($controllerObject);
  91.         $reflectionMethod $controllerReflectionObject->getMethod($methodName);
  92.         $methodAnnotation $this->reader->getMethodAnnotation($reflectionMethod$tokenAnnotation);
  94.         if ($methodAnnotation) {
  95.             $hasAnnotation true;
  96.         }
  98.         return $hasAnnotation;
  99.     }
  100. }