From 8bd750e73c689751f9e3345ed0fa7b1247763bcd Mon Sep 17 00:00:00 2001 From: Adam Roberts Date: Tue, 21 May 2024 14:33:00 +0100 Subject: [PATCH] replace authentication exceptions with session --- src/Loader/WordpressLoader.php | 38 ++++++++++++++++---------- src/Security/UserAuthenticator.php | 43 +++++++++++++++--------------- 2 files changed, 46 insertions(+), 35 deletions(-) diff --git a/src/Loader/WordpressLoader.php b/src/Loader/WordpressLoader.php index 808d293..7bedd00 100644 --- a/src/Loader/WordpressLoader.php +++ b/src/Loader/WordpressLoader.php @@ -5,8 +5,6 @@ namespace Sword\SwordBundle\Loader; use Sword\SwordBundle\Event\WooCommerceRegistrationEvent; -use Sword\SwordBundle\Exception\WordpressLoginSuccessfulException; -use Sword\SwordBundle\Exception\WordpressLougoutSuccessfulException; use Sword\SwordBundle\Security\UserAuthenticator; use Sword\SwordBundle\Store\WordpressWidgetStore; use Symfony\Component\DependencyInjection\Attribute\Autowire; @@ -55,7 +53,8 @@ public function onWooCommerceRegistration(WooCommerceRegistrationEvent $event): public function createWordpressResponse(string $urlPathName): Response { $request = $this->requestStack->getCurrentRequest(); - + $session = $this->requestStack->getSession(); + ob_start(); $obLevel = ob_get_level(); @@ -65,9 +64,9 @@ public function createWordpressResponse(string $urlPathName): Response foreach (WordpressGlobals::GLOBALS as $global) { global $$global; } - + $entryPoint = $this->wordpressDirectory . '/index.php'; - + if (\in_array(basename($urlPathName), ['wp-login.php', 'wp-signup.php', 'wp-comments-post.php'], true)) { $_SERVER['PHP_SELF'] = '/' . basename($urlPathName); $entryPoint = $this->wordpressDirectory . '/' . basename($urlPathName); @@ -75,20 +74,31 @@ public function createWordpressResponse(string $urlPathName): Response if ($urlPathName === 'wp-admin/') { $urlPathName = 'wp-admin/index.php'; } - + $_SERVER['PHP_SELF'] = '/' . $urlPathName; $entryPoint = $this->wordpressDirectory . '/' . $urlPathName; } else { $_SERVER['PHP_SELF'] = '/' . $urlPathName; } - + $_SERVER['SCRIPT_FILENAME'] = $entryPoint; - - try { - require_once $entryPoint; - } catch (WordpressLoginSuccessfulException $exception) { - return $this->getAuthResponse($exception->username, $exception->password, $exception->rememberMe); - } catch (WordpressLougoutSuccessfulException) { + + require_once $entryPoint; + + if ($session->has('loginSuccessData')) { + $loginData = $session->get('loginSuccessData'); + $session->remove('loginSuccessData'); + return $this->getAuthResponse( + $loginData['username'], + $loginData['password'], + $loginData['rememberMe'] + ); + } + + if ($session->has('logoutSuccessResponse')) { + $response = $session->get('logoutSuccessResponse'); + $session->remove('logoutSuccessResponse'); + return new RedirectResponse($this->userAuthenticator->getLoginUrl($request)); } @@ -120,7 +130,7 @@ public function loadWordpress(): void require_once $this->wordpressDirectory . '/wp-load.php'; } - + private function getAuthResponse(string $username, string $password, bool $rememberMe): RedirectResponse { $session = $this->requestStack->getSession(); diff --git a/src/Security/UserAuthenticator.php b/src/Security/UserAuthenticator.php index 1205768..8fbefe1 100644 --- a/src/Security/UserAuthenticator.php +++ b/src/Security/UserAuthenticator.php @@ -5,8 +5,6 @@ use Psr\EventDispatcher\EventDispatcherInterface; use Sword\SwordBundle\Controller\Routes; use Sword\SwordBundle\Event\WooCommerceRegistrationEvent; -use Sword\SwordBundle\Exception\WordpressLoginSuccessfulException; -use Sword\SwordBundle\Exception\WordpressLougoutSuccessfulException; use Sword\SwordBundle\Service\WordpressService; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; @@ -107,10 +105,11 @@ public function onWordpressLogout(): void } $this->tokenStorage->setToken(); - $this->requestStack->getSession() - ->invalidate(); - - throw new WordpressLougoutSuccessfulException($response); + + $session = $this->requestStack->getSession(); + + $session->invalidate(); + $session->set('logoutSuccessResponse', $response); } public function onWooCommerceRegister(int $customerId, array $newCustomerData, bool $passwordGenerated): void @@ -129,19 +128,19 @@ public function supports(Request $request): bool } return $this->wordpressUsername && $this->wordpressPassword && \in_array( - $request->getPathInfo(), - [$this->getLoginUrl($request), '/wp-login.php'], - true, - ); + $request->getPathInfo(), + [$this->getLoginUrl($request), '/wp-login.php'], + true, + ); } public function start(Request $request, AuthenticationException $authException = null): RedirectResponse { $url = '/wp-login.php?' . http_build_query([ - 'redirect_to' => $request->getUri(), - 'reauth' => 0, - ]); - + 'redirect_to' => $request->getUri(), + 'reauth' => 0, + ]); + return new RedirectResponse($url, 302); } @@ -210,13 +209,15 @@ private function getRedirectPath(Request $request): ?string return null; } - - private function onWordpressLoginSuccess(): never + + private function onWordpressLoginSuccess(): void { - throw new WordpressLoginSuccessfulException( - $this->wordpressUsername, - $this->wordpressPassword, - $this->wordpressRememberMe, - ); + $session = $this->requestStack->getSession(); + + $session->set('loginSuccessData', [ + 'username' => $this->wordpressUsername, + 'password' => $this->wordpressPassword, + 'rememberMe' => $this->wordpressRememberMe, + ]); } }