From 495b24a5aa9813f11fbda9ca8357dd00df0425e7 Mon Sep 17 00:00:00 2001 From: Sami Mazouz Date: Fri, 11 Aug 2023 14:19:59 +0100 Subject: [PATCH] chore: convert other middleware --- .../Middleware/AuthenticateWithHeader.php | 19 +++++++----- .../Middleware/AuthenticateWithSession.php | 15 +++++----- .../src/Http/Middleware/CheckCsrfToken.php | 28 ++++++++--------- .../src/Http/Middleware/CollectGarbage.php | 13 ++++---- .../Middleware/ContentTypeOptionsHeader.php | 20 ++++++++----- .../Http/Middleware/FlarumPromotionHeader.php | 18 ++++++----- .../core/src/Http/Middleware/HandleErrors.php | 13 ++++---- .../IlluminateMiddlewareInterface.php | 17 +++++++++++ .../Http/Middleware/InjectActorReference.php | 13 ++++---- .../Http/Middleware/ReferrerPolicyHeader.php | 20 ++++++++----- .../Http/Middleware/RememberFromCookie.php | 18 +++++------ .../core/src/Http/Middleware/SetLocale.php | 18 +++++------ .../Middleware/ShareErrorsFromSession.php | 15 +++++----- .../core/src/Http/Middleware/StartSession.php | 30 +++++++++---------- 14 files changed, 137 insertions(+), 120 deletions(-) create mode 100644 framework/core/src/Http/Middleware/IlluminateMiddlewareInterface.php diff --git a/framework/core/src/Http/Middleware/AuthenticateWithHeader.php b/framework/core/src/Http/Middleware/AuthenticateWithHeader.php index bce59949b..778a147c9 100644 --- a/framework/core/src/Http/Middleware/AuthenticateWithHeader.php +++ b/framework/core/src/Http/Middleware/AuthenticateWithHeader.php @@ -9,23 +9,26 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Api\ApiKey; use Flarum\Http\AccessToken; use Flarum\Http\RequestUtil; use Flarum\User\User; +use Illuminate\Http\Request; use Illuminate\Support\Str; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Symfony\Component\HttpFoundation\Response; -class AuthenticateWithHeader implements Middleware +class AuthenticateWithHeader implements IlluminateMiddlewareInterface { const TOKEN_PREFIX = 'Token '; - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { - $headerLine = $request->getHeaderLine('authorization'); + $headerLine = $request->header('Authorization'); + + if (is_array($headerLine)) { + $headerLine = implode(',', $headerLine); + } $parts = explode(';', $headerLine); @@ -55,7 +58,7 @@ class AuthenticateWithHeader implements Middleware } } - return $handler->handle($request); + return $next($request); } private function getUser(string $string): ?User diff --git a/framework/core/src/Http/Middleware/AuthenticateWithSession.php b/framework/core/src/Http/Middleware/AuthenticateWithSession.php index 2af77257c..26332444e 100644 --- a/framework/core/src/Http/Middleware/AuthenticateWithSession.php +++ b/framework/core/src/Http/Middleware/AuthenticateWithSession.php @@ -9,27 +9,26 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Http\AccessToken; use Flarum\Http\RequestUtil; use Flarum\User\Guest; use Flarum\User\User; use Illuminate\Contracts\Session\Session; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Illuminate\Http\Request; +use Symfony\Component\HttpFoundation\Response; -class AuthenticateWithSession implements Middleware +class AuthenticateWithSession implements IlluminateMiddlewareInterface { - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { - $session = $request->getAttribute('session'); + $session = $request->attributes->get('session'); $actor = $this->getActor($session, $request); $request = RequestUtil::withActor($request, $actor); - return $handler->handle($request); + return $next($request); } private function getActor(Session $session, Request $request): Guest|User diff --git a/framework/core/src/Http/Middleware/CheckCsrfToken.php b/framework/core/src/Http/Middleware/CheckCsrfToken.php index d4d3aa5dd..0a6c99c7e 100644 --- a/framework/core/src/Http/Middleware/CheckCsrfToken.php +++ b/framework/core/src/Http/Middleware/CheckCsrfToken.php @@ -9,35 +9,34 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Http\Exception\TokenMismatchException; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Illuminate\Http\Request; +use Symfony\Component\HttpFoundation\Response; -class CheckCsrfToken implements Middleware +class CheckCsrfToken implements IlluminateMiddlewareInterface { public function __construct( protected array $exemptRoutes ) { } - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { - if (in_array($request->getAttribute('routeName'), $this->exemptRoutes, true)) { - return $handler->handle($request); + if ($request->routeIs(...$this->exemptRoutes)) { + return $next($request); } if (in_array($request->getMethod(), ['GET', 'HEAD', 'OPTIONS'])) { - return $handler->handle($request); + return $next($request); } - if ($request->getAttribute('bypassCsrfToken', false)) { - return $handler->handle($request); + if ($request->attributes->get('bypassCsrfToken', false)) { + return $next($request); } if ($this->tokensMatch($request)) { - return $handler->handle($request); + return $next($request); } throw new TokenMismatchException('CSRF token did not match'); @@ -45,10 +44,9 @@ class CheckCsrfToken implements Middleware private function tokensMatch(Request $request): bool { - $expected = (string) $request->getAttribute('session')->token(); + $expected = (string) $request->attributes->get('session')->token(); - $provided = $request->getParsedBody()['csrfToken'] ?? - $request->getHeaderLine('X-CSRF-Token'); + $provided = $request->json('csrfToken', $request->header('X-CSRF-Token')); return hash_equals($expected, $provided); } diff --git a/framework/core/src/Http/Middleware/CollectGarbage.php b/framework/core/src/Http/Middleware/CollectGarbage.php index 0f2e7353d..0c8789909 100644 --- a/framework/core/src/Http/Middleware/CollectGarbage.php +++ b/framework/core/src/Http/Middleware/CollectGarbage.php @@ -10,18 +10,17 @@ namespace Flarum\Http\Middleware; use Carbon\Carbon; +use Closure; use Flarum\Http\AccessToken; use Flarum\User\EmailToken; use Flarum\User\PasswordToken; use Flarum\User\RegistrationToken; use Illuminate\Contracts\Config\Repository as ConfigRepository; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Illuminate\Http\Request; use SessionHandlerInterface; +use Symfony\Component\HttpFoundation\Response; -class CollectGarbage implements Middleware +class CollectGarbage implements IlluminateMiddlewareInterface { protected array $sessionConfig; @@ -32,11 +31,11 @@ class CollectGarbage implements Middleware $this->sessionConfig = (array) $config->get('session'); } - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { $this->collectGarbageSometimes(); - return $handler->handle($request); + return $next($request); } private function collectGarbageSometimes(): void diff --git a/framework/core/src/Http/Middleware/ContentTypeOptionsHeader.php b/framework/core/src/Http/Middleware/ContentTypeOptionsHeader.php index f78ec9049..6438f3c30 100644 --- a/framework/core/src/Http/Middleware/ContentTypeOptionsHeader.php +++ b/framework/core/src/Http/Middleware/ContentTypeOptionsHeader.php @@ -9,17 +9,21 @@ namespace Flarum\Http\Middleware; -use Psr\Http\Message\ResponseInterface; -use Psr\Http\Message\ServerRequestInterface; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface; +use Closure; +use Illuminate\Http\Request; +use Symfony\Component\HttpFoundation\Response; -class ContentTypeOptionsHeader implements Middleware +class ContentTypeOptionsHeader implements IlluminateMiddlewareInterface { - public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + /** + * @inheritDoc + */ + public function handle(Request $request, Closure $next): Response { - $response = $handler->handle($request); + $response = $next($request); - return $response->withAddedHeader('X-Content-Type-Options', 'nosniff'); + $response->headers->set('X-Content-Type-Options', 'nosniff'); + + return $response; } } diff --git a/framework/core/src/Http/Middleware/FlarumPromotionHeader.php b/framework/core/src/Http/Middleware/FlarumPromotionHeader.php index fd27056da..f678beca0 100644 --- a/framework/core/src/Http/Middleware/FlarumPromotionHeader.php +++ b/framework/core/src/Http/Middleware/FlarumPromotionHeader.php @@ -9,14 +9,13 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Foundation\Config; +use Illuminate\Http\Request; use Illuminate\Support\Arr; -use Psr\Http\Message\ResponseInterface; -use Psr\Http\Message\ServerRequestInterface; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface; +use Symfony\Component\HttpFoundation\Response; -class FlarumPromotionHeader implements Middleware +class FlarumPromotionHeader implements IlluminateMiddlewareInterface { protected bool $enabled = true; @@ -25,12 +24,15 @@ class FlarumPromotionHeader implements Middleware $this->enabled = (bool) (Arr::get($config, 'headers.poweredByHeader') ?? true); } - public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + /** + * @inheritDoc + */ + public function handle(Request $request, Closure $next): Response { - $response = $handler->handle($request); + $response = $next($request); if ($this->enabled) { - $response = $response->withAddedHeader('X-Powered-By', 'Flarum'); + $response->headers->set('X-Powered-By', 'Flarum'); } return $response; diff --git a/framework/core/src/Http/Middleware/HandleErrors.php b/framework/core/src/Http/Middleware/HandleErrors.php index 102fe29a6..2847f412b 100644 --- a/framework/core/src/Http/Middleware/HandleErrors.php +++ b/framework/core/src/Http/Middleware/HandleErrors.php @@ -9,12 +9,11 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Foundation\ErrorHandling\HttpFormatter; use Flarum\Foundation\ErrorHandling\Registry; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Illuminate\Http\Request; +use Symfony\Component\HttpFoundation\Response; use Throwable; /** @@ -24,7 +23,7 @@ use Throwable; * unknown errors will be passed on to one or multiple * {@see \Flarum\Foundation\ErrorHandling\Reporter} instances. */ -class HandleErrors implements Middleware +class HandleErrors implements IlluminateMiddlewareInterface { public function __construct( protected Registry $registry, @@ -37,10 +36,10 @@ class HandleErrors implements Middleware /** * Catch all errors that happen during further middleware execution. */ - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { try { - return $handler->handle($request); + return $next($request); } catch (Throwable $e) { $error = $this->registry->handle($e); diff --git a/framework/core/src/Http/Middleware/IlluminateMiddlewareInterface.php b/framework/core/src/Http/Middleware/IlluminateMiddlewareInterface.php new file mode 100644 index 000000000..d0e2a7d44 --- /dev/null +++ b/framework/core/src/Http/Middleware/IlluminateMiddlewareInterface.php @@ -0,0 +1,17 @@ +handle($request); + return $next($request); } } diff --git a/framework/core/src/Http/Middleware/ReferrerPolicyHeader.php b/framework/core/src/Http/Middleware/ReferrerPolicyHeader.php index 7627b109e..c1fb4096d 100644 --- a/framework/core/src/Http/Middleware/ReferrerPolicyHeader.php +++ b/framework/core/src/Http/Middleware/ReferrerPolicyHeader.php @@ -9,14 +9,13 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Foundation\Config; +use Illuminate\Http\Request; use Illuminate\Support\Arr; -use Psr\Http\Message\ResponseInterface; -use Psr\Http\Message\ServerRequestInterface; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface; +use Symfony\Component\HttpFoundation\Response; -class ReferrerPolicyHeader implements Middleware +class ReferrerPolicyHeader implements IlluminateMiddlewareInterface { protected string $policy = ''; @@ -25,10 +24,15 @@ class ReferrerPolicyHeader implements Middleware $this->policy = strval(Arr::get($config, 'headers.referrerPolicy') ?? 'same-origin'); } - public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + /** + * @inheritDoc + */ + public function handle(Request $request, Closure $next): Response { - $response = $handler->handle($request); + $response = $next($request); - return $response->withAddedHeader('Referrer-Policy', $this->policy); + $response->headers->set('Referrer-Policy', $this->policy); + + return $response; } } diff --git a/framework/core/src/Http/Middleware/RememberFromCookie.php b/framework/core/src/Http/Middleware/RememberFromCookie.php index c5d8315f6..5315a762a 100644 --- a/framework/core/src/Http/Middleware/RememberFromCookie.php +++ b/framework/core/src/Http/Middleware/RememberFromCookie.php @@ -9,25 +9,23 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Http\AccessToken; use Flarum\Http\CookieFactory; use Flarum\Http\RememberAccessToken; -use Illuminate\Support\Arr; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Illuminate\Http\Request; +use Symfony\Component\HttpFoundation\Response; -class RememberFromCookie implements Middleware +class RememberFromCookie implements IlluminateMiddlewareInterface { public function __construct( protected CookieFactory $cookie ) { } - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { - $id = Arr::get($request->getCookieParams(), $this->cookie->getName('remember')); + $id = $request->cookie($this->cookie->getName('remember')); if ($id) { $token = AccessToken::findValid($id); @@ -36,11 +34,11 @@ class RememberFromCookie implements Middleware $token->touch(request: $request); /** @var \Illuminate\Contracts\Session\Session $session */ - $session = $request->getAttribute('session'); + $session = $request->attributes->get('session'); $session->put('access_token', $token->token); } } - return $handler->handle($request); + return $next($request); } } diff --git a/framework/core/src/Http/Middleware/SetLocale.php b/framework/core/src/Http/Middleware/SetLocale.php index eeb09d7f7..68c9654f0 100644 --- a/framework/core/src/Http/Middleware/SetLocale.php +++ b/framework/core/src/Http/Middleware/SetLocale.php @@ -9,37 +9,35 @@ namespace Flarum\Http\Middleware; +use Closure; use Flarum\Http\RequestUtil; use Flarum\Locale\LocaleManager; -use Illuminate\Support\Arr; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Illuminate\Http\Request; +use Symfony\Component\HttpFoundation\Response; -class SetLocale implements Middleware +class SetLocale implements IlluminateMiddlewareInterface { public function __construct( protected LocaleManager $locales ) { } - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { $actor = RequestUtil::getActor($request); if ($actor->exists) { $locale = $actor->getPreference('locale'); } else { - $locale = Arr::get($request->getCookieParams(), 'locale'); + $locale = $request->cookie('locale'); } if ($locale && $this->locales->hasLocale($locale)) { $this->locales->setLocale($locale); } - $request = $request->withAttribute('locale', $this->locales->getLocale()); + $request->attributes->set('locale', $this->locales->getLocale()); - return $handler->handle($request); + return $next($request); } } diff --git a/framework/core/src/Http/Middleware/ShareErrorsFromSession.php b/framework/core/src/Http/Middleware/ShareErrorsFromSession.php index c3511e6d8..0ae794643 100644 --- a/framework/core/src/Http/Middleware/ShareErrorsFromSession.php +++ b/framework/core/src/Http/Middleware/ShareErrorsFromSession.php @@ -9,28 +9,27 @@ namespace Flarum\Http\Middleware; +use Closure; use Illuminate\Contracts\View\Factory as ViewFactory; +use Illuminate\Http\Request; use Illuminate\Support\ViewErrorBag; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; +use Symfony\Component\HttpFoundation\Response; /** * Inspired by Illuminate\View\Middleware\ShareErrorsFromSession. * * @author Taylor Otwell */ -class ShareErrorsFromSession implements Middleware +class ShareErrorsFromSession implements IlluminateMiddlewareInterface { public function __construct( protected ViewFactory $view ) { } - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { - $session = $request->getAttribute('session'); + $session = $request->attributes->get('session'); // If the current session has an "errors" variable bound to it, we will share // its value with all view instances so the views can easily access errors @@ -46,6 +45,6 @@ class ShareErrorsFromSession implements Middleware $session->remove('errors'); - return $handler->handle($request); + return $next($request); } } diff --git a/framework/core/src/Http/Middleware/StartSession.php b/framework/core/src/Http/Middleware/StartSession.php index cf812e5a3..0816c2df0 100644 --- a/framework/core/src/Http/Middleware/StartSession.php +++ b/framework/core/src/Http/Middleware/StartSession.php @@ -9,19 +9,17 @@ namespace Flarum\Http\Middleware; -use Dflydev\FigCookies\FigResponseCookies; +use Closure; use Flarum\Http\CookieFactory; use Illuminate\Contracts\Config\Repository as ConfigRepository; use Illuminate\Contracts\Session\Session; +use Illuminate\Http\Request; use Illuminate\Session\Store; use Illuminate\Support\Arr; -use Psr\Http\Message\ResponseInterface as Response; -use Psr\Http\Message\ServerRequestInterface as Request; -use Psr\Http\Server\MiddlewareInterface as Middleware; -use Psr\Http\Server\RequestHandlerInterface as Handler; use SessionHandlerInterface; +use Symfony\Component\HttpFoundation\Response; -class StartSession implements Middleware +class StartSession implements IlluminateMiddlewareInterface { protected array $config; @@ -33,20 +31,21 @@ class StartSession implements Middleware $this->config = (array) $config->get('session'); } - public function process(Request $request, Handler $handler): Response + public function handle(Request $request, Closure $next): Response { - $request = $request->withAttribute( + $request->attributes->set( 'session', $session = $this->makeSession($request) ); $session->start(); - $response = $handler->handle($request); + $response = $next($request); $session->save(); - $response = $this->withCsrfTokenHeader($response, $session); + $this->setCsrfTokenHeader($response, $session); + $this->setSessionCookie($response, $session); - return $this->withSessionCookie($response, $session); + return $response; } private function makeSession(Request $request): Session @@ -58,15 +57,14 @@ class StartSession implements Middleware ); } - private function withCsrfTokenHeader(Response $response, Session $session): Response + private function setCsrfTokenHeader(Response $response, Session $session): void { - return $response->withHeader('X-CSRF-Token', $session->token()); + $response->headers->set('X-CSRF-Token', $session->token()); } - private function withSessionCookie(Response $response, Session $session): Response + private function setSessionCookie(Response $response, Session $session): void { - return FigResponseCookies::set( - $response, + $response->headers->setCookie( $this->cookie->make($session->getName(), $session->getId(), $this->getSessionLifetimeInSeconds()) ); }