Почетна Преглед Помоћ
Пријавите се
kotnik
/
shlink
1
0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Дрво: 2151b97bec
Гране Ознаке
shlink
/
module
/
Rest
/
src
/
Middleware
/
CrossDomainMiddleware.php

CrossDomainMiddleware.php 2.2 KB
Историја Датотека

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. namespace Shlinkio\Shlink\Rest\Middleware;
    6. 

  6. 

  7. use Fig\Http\Message\RequestMethodInterface;
    8. 

  8. use Mezzio\Router\RouteResult;
    9. 

  9. use Psr\Http\Message\ResponseInterface;
    10. 

  10. use Psr\Http\Message\ServerRequestInterface;
    11. 

  11. use Psr\Http\Server\MiddlewareInterface;
    12. 

  12. use Psr\Http\Server\RequestHandlerInterface;
    13. 

  13. use Shlinkio\Shlink\Rest\Authentication;
    14. 

  14. 

  15. use function implode;
    16. 

  16. 

  17. class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterface
    18. 

  18. {
    19. 

  19.     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    20. 

  20.     {
    21. 

  21.         $response = $handler->handle($request);
    22. 

  22.         if (! $request->hasHeader('Origin')) {
    23. 

  23.             return $response;
    24. 

  24.         }
    25. 

  25. 

  26.         // Add Allow-Origin header
    27. 

  27.         $response = $response->withHeader('Access-Control-Allow-Origin', $request->getHeader('Origin'))
    28. 

  28.                              ->withHeader('Access-Control-Expose-Headers', implode(', ', [
    29. 

  29.                                  Authentication\Plugin\ApiKeyHeaderPlugin::HEADER_NAME,
    30. 

  30.                              ]));
    31. 

  31.         if ($request->getMethod() !== self::METHOD_OPTIONS) {
    32. 

  32.             return $response;
    33. 

  33.         }
    34. 

  34. 

  35.         return $this->addOptionsHeaders($request, $response);
    36. 

  36.     }
    37. 

  37. 

  38.     private function addOptionsHeaders(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
    39. 

  39.     {
    40. 

  40.         /** @var RouteResult|null $matchedRoute */
    41. 

  41.         $matchedRoute = $request->getAttribute(RouteResult::class);
    42. 

  42.         $matchedMethods = $matchedRoute !== null ? $matchedRoute->getAllowedMethods() : [
    43. 

  43.             self::METHOD_GET,
    44. 

  44.             self::METHOD_POST,
    45. 

  45.             self::METHOD_PUT,
    46. 

  46.             self::METHOD_PATCH,
    47. 

  47.             self::METHOD_DELETE,
    48. 

  48.             self::METHOD_OPTIONS,
    49. 

  49.         ];
    50. 

  50.         $corsHeaders = [
    51. 

  51.             'Access-Control-Allow-Methods' => implode(',', $matchedMethods),
    52. 

  52.             'Access-Control-Max-Age' => '1000',
    53. 

  53.             'Access-Control-Allow-Headers' => $request->getHeaderLine('Access-Control-Request-Headers'),
    54. 

  54.         ];
    55. 

  55. 

  56.         foreach ($corsHeaders as $key => $value) {
    57. 

  57.             $response = $response->withHeader($key, $value);
    58. 

  58.         }
    59. 

  59. 

  60.         return $response;
    61. 

  61.     }
    62. 

  62. }
    63.