Upgrade to 3.7.0
This commit is contained in:
Bastian Allgeier
70
kirby/src/Http/Request.php
Normal file → Executable file
70
kirby/src/Http/Request.php
Normal file → Executable file
@@ -2,8 +2,7 @@
|
||||
|
||||
namespace Kirby\Http;
|
||||
|
||||
use Kirby\Http\Request\Auth\BasicAuth;
|
||||
use Kirby\Http\Request\Auth\BearerAuth;
|
||||
use Kirby\Cms\App;
|
||||
use Kirby\Http\Request\Body;
|
||||
use Kirby\Http\Request\Files;
|
||||
use Kirby\Http\Request\Query;
|
||||
@@ -23,10 +22,16 @@ use Kirby\Toolkit\Str;
|
||||
*/
|
||||
class Request
|
||||
{
|
||||
public static $authTypes = [
|
||||
'basic' => 'Kirby\Http\Request\Auth\BasicAuth',
|
||||
'bearer' => 'Kirby\Http\Request\Auth\BearerAuth',
|
||||
'session' => 'Kirby\Http\Request\Auth\SessionAuth',
|
||||
];
|
||||
|
||||
/**
|
||||
* The auth object if available
|
||||
*
|
||||
* @var BearerAuth|BasicAuth|false|null
|
||||
* @var \Kirby\Http\Request\Auth|false|null
|
||||
*/
|
||||
protected $auth;
|
||||
|
||||
@@ -109,19 +114,19 @@ class Request
|
||||
$this->method = $this->detectRequestMethod($options['method'] ?? null);
|
||||
|
||||
if (isset($options['body']) === true) {
|
||||
$this->body = new Body($options['body']);
|
||||
$this->body = is_a($options['body'], Body::class) ? $options['body'] : new Body($options['body']);
|
||||
}
|
||||
|
||||
if (isset($options['files']) === true) {
|
||||
$this->files = new Files($options['files']);
|
||||
$this->files = is_a($options['files'], Files::class) ? $options['files'] : new Files($options['files']);
|
||||
}
|
||||
|
||||
if (isset($options['query']) === true) {
|
||||
$this->query = new Query($options['query']);
|
||||
$this->query = is_a($options['query'], Query::class) === true ? $options['query'] : new Query($options['query']);
|
||||
}
|
||||
|
||||
if (isset($options['url']) === true) {
|
||||
$this->url = new Uri($options['url']);
|
||||
$this->url = is_a($options['url'], Uri::class) === true ? $options['url'] : new Uri($options['url']);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -144,7 +149,7 @@ class Request
|
||||
/**
|
||||
* Returns the Auth object if authentication is set
|
||||
*
|
||||
* @return \Kirby\Http\Request\Auth\BasicAuth|\Kirby\Http\Request\Auth\BearerAuth|null
|
||||
* @return \Kirby\Http\Request\Auth|null
|
||||
*/
|
||||
public function auth()
|
||||
{
|
||||
@@ -152,16 +157,31 @@ class Request
|
||||
return $this->auth;
|
||||
}
|
||||
|
||||
if ($auth = $this->options['auth'] ?? $this->header('authorization')) {
|
||||
$type = Str::before($auth, ' ');
|
||||
$token = Str::after($auth, ' ');
|
||||
$class = 'Kirby\\Http\\Request\\Auth\\' . ucfirst($type) . 'Auth';
|
||||
// lazily request the instance for non-CMS use cases
|
||||
$kirby = App::instance(null, true);
|
||||
|
||||
if (class_exists($class) === false) {
|
||||
// tell the CMS responder that the response relies on
|
||||
// the `Authorization` header and its value (even if
|
||||
// the header isn't set in the current request);
|
||||
// this ensures that the response is only cached for
|
||||
// unauthenticated visitors;
|
||||
// https://github.com/getkirby/kirby/issues/4423#issuecomment-1166300526
|
||||
if ($kirby) {
|
||||
$kirby->response()->usesAuth(true);
|
||||
}
|
||||
|
||||
if ($auth = $this->options['auth'] ?? $this->header('authorization')) {
|
||||
$type = Str::lower(Str::before($auth, ' '));
|
||||
$data = Str::after($auth, ' ');
|
||||
|
||||
$class = static::$authTypes[$type] ?? null;
|
||||
if (!$class || class_exists($class) === false) {
|
||||
return $this->auth = false;
|
||||
}
|
||||
|
||||
return $this->auth = new $class($token);
|
||||
$object = new $class($data);
|
||||
|
||||
return $this->auth = $object;
|
||||
}
|
||||
|
||||
return $this->auth = false;
|
||||
@@ -184,7 +204,7 @@ class Request
|
||||
*/
|
||||
public function cli(): bool
|
||||
{
|
||||
return Server::cli();
|
||||
return $this->options['cli'] ?? (new Environment())->cli();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -220,14 +240,14 @@ class Request
|
||||
$methods = ['GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'CONNECT', 'OPTIONS', 'TRACE', 'PATCH'];
|
||||
|
||||
// the request method can be overwritten with a header
|
||||
$methodOverride = strtoupper($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ?? '');
|
||||
$methodOverride = strtoupper(Environment::getGlobally('HTTP_X_HTTP_METHOD_OVERRIDE', ''));
|
||||
|
||||
if ($method === null && in_array($methodOverride, $methods) === true) {
|
||||
$method = $methodOverride;
|
||||
}
|
||||
|
||||
// final chain of options to detect the method
|
||||
$method = $method ?? $_SERVER['REQUEST_METHOD'] ?? 'GET';
|
||||
$method = $method ?? Environment::getGlobally('REQUEST_METHOD', 'GET');
|
||||
|
||||
// uppercase the shit out of it
|
||||
$method = strtoupper($method);
|
||||
@@ -285,6 +305,20 @@ class Request
|
||||
return A::get($this->data(), $key, $fallback);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns whether the request contains
|
||||
* the `Authorization` header
|
||||
* @since 3.7.0
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function hasAuth(): bool
|
||||
{
|
||||
$header = $this->options['auth'] ?? $this->header('authorization');
|
||||
|
||||
return $header !== null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a header by key if it exists
|
||||
*
|
||||
@@ -308,7 +342,7 @@ class Request
|
||||
{
|
||||
$headers = [];
|
||||
|
||||
foreach ($_SERVER as $key => $value) {
|
||||
foreach (Environment::getGlobally() as $key => $value) {
|
||||
if (substr($key, 0, 5) !== 'HTTP_' && substr($key, 0, 14) !== 'REDIRECT_HTTP_') {
|
||||
continue;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user