src/EventSubscriber/SilentAuthenticationSubscriber.php line 21

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber;
  5. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  6. use Symfony\Component\HttpClient\HttpClient;
  7. use Symfony\Component\HttpKernel\Event\RequestEvent;
  8. use Symfony\Component\HttpFoundation\RedirectResponse;
  9. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  11. class SilentAuthenticationSubscriber implements EventSubscriberInterface
  12. {
  13.     public function __construct(private TokenStorageInterface $token)
  14.     {
  15.     }
  17.     public function onKernelRequest(RequestEvent $event)
  18.     {
  19.         $request $event->getRequest();
  20.         $session $request->getSession();
  21.         $accessToken $session->get('access_token');
  22.         $unauthentified $session->get('unauthentified');
  24.         // verification user=bot pour contournement de l'erreur 302
  25.         $userAgent $_SERVER['HTTP_USER_AGENT'] ?? '';
  26.         $isBot preg_match('/(googlebot|bingbot|slurp|duckduckbot|baiduspider|yandexbot|facebot|twitterbot)/i'$userAgent);
  27.         if ($isBot) {
  28.             return;
  29.         }
  31.         if ($request->getHost() == 'serviceslenord.spontaneit.fr' || $request->getHost() == 'services.lenord.fr') {
  32.             //return;
  33.             $httpClient HttpClient::create();
  34.             $keycloakUrl $_ENV['KEYCLOAK_BASE'];
  35.             try {
  36.                 $response $httpClient->request('GET'$keycloakUrl);
  37.                 $statusCode $response->getStatusCode();
  38.                 if ($statusCode !== 200) {
  39.                     return;
  40.                 } else {
  41.                     $content $response->getContent();
  42.                     $jsonData json_decode($contenttrue);
  43.                     if (!isset($jsonData['realm'])) {
  44.                         return;
  45.                     }
  46.                 }
  47.             } catch (\Exception $exception) {
  48.                 return;
  49.             }
  50.             // Silent Authenticator
  51.             if (isset($accessToken) && $accessToken->hasExpired() && !isset($unauthentified) || !isset($accessToken) && !isset($unauthentified)) {
  52.                 $targetUrl $request->getBaseUrl() . '/connect/oauth/silent';
  53.                 if (!str_contains($request->getPathInfo(), 'oauth')) {
  54.                     $current_url $request->getUri();
  55.                     $session->set('path'$current_url);
  56.                     //$session->set('path', $request->attributes->get('_route'));
  57.                     $session->remove('unauthentified');
  58.                     $redirectUrl = new RedirectResponse($targetUrl);
  59.                     $event->setResponse($redirectUrl);
  60.                 }
  61.             }
  62.         }
  63.     }
  65.     public static function getSubscribedEvents(): array
  66.     {
  67.         return [
  68.             'kernel.request' => 'onKernelRequest',
  69.         ];
  70.     }
  71. }