vendor/symfony/security-http/Firewall/ChannelListener.php line 29

  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Firewall;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\HttpFoundation\RedirectResponse;
  16. use Symfony\Component\HttpFoundation\Request;
  17. use Symfony\Component\HttpKernel\Event\RequestEvent;
  18. use Symfony\Component\Security\Http\AccessMapInterface;
  20. /**
  21.  * ChannelListener switches the HTTP protocol based on the access control
  22.  * configuration.
  23.  *
  24.  * @author Fabien Potencier <fabien@symfony.com>
  25.  *
  26.  * @final
  27.  */
  28. class ChannelListener extends AbstractListener
  29. {
  30.     private AccessMapInterface $map;
  31.     private ?LoggerInterface $logger;
  32.     private int $httpPort;
  33.     private int $httpsPort;
  35.     public function __construct(AccessMapInterface $map, ?LoggerInterface $logger nullint $httpPort 80int $httpsPort 443)
  36.     {
  37.         $this->map $map;
  38.         $this->logger $logger;
  39.         $this->httpPort $httpPort;
  40.         $this->httpsPort $httpsPort;
  41.     }
  43.     /**
  44.      * Handles channel management.
  45.      */
  46.     public function supports(Request $request): ?bool
  47.     {
  48.         [, $channel] = $this->map->getPatterns($request);
  50.         if ('https' === $channel && !$request->isSecure()) {
  51.             if (null !== $this->logger) {
  52.                 if ('https' === $request->headers->get('X-Forwarded-Proto')) {
  53.                     $this->logger->info('Redirecting to HTTPS. ("X-Forwarded-Proto" header is set to "https" - did you set "trusted_proxies" correctly?)');
  54.                 } elseif (str_contains($request->headers->get('Forwarded'''), 'proto=https')) {
  55.                     $this->logger->info('Redirecting to HTTPS. ("Forwarded" header is set to "proto=https" - did you set "trusted_proxies" correctly?)');
  56.                 } else {
  57.                     $this->logger->info('Redirecting to HTTPS.');
  58.                 }
  59.             }
  61.             return true;
  62.         }
  64.         if ('http' === $channel && $request->isSecure()) {
  65.             $this->logger?->info('Redirecting to HTTP.');
  67.             return true;
  68.         }
  70.         return false;
  71.     }
  73.     public function authenticate(RequestEvent $event): void
  74.     {
  75.         $request $event->getRequest();
  77.         $event->setResponse($this->createRedirectResponse($request));
  78.     }
  80.     private function createRedirectResponse(Request $request): RedirectResponse
  81.     {
  82.         $scheme $request->isSecure() ? 'http' 'https';
  83.         if ('http' === $scheme && 80 != $this->httpPort) {
  84.             $port ':'.$this->httpPort;
  85.         } elseif ('https' === $scheme && 443 != $this->httpsPort) {
  86.             $port ':'.$this->httpsPort;
  87.         } else {
  88.             $port '';
  89.         }
  91.         $qs $request->getQueryString();
  92.         if (null !== $qs) {
  93.             $qs '?'.$qs;
  94.         }
  96.         $url $scheme.'://'.$request->getHost().$port.$request->getBaseUrl().$request->getPathInfo().$qs;
  98.         return new RedirectResponse($url301);
  99.     }
  100. }