vendor/friendsofsymfony/rest-bundle/EventListener/BodyListener.php line 57

Open in your IDE?
  1. <?php
  3. /*
  4. * This file is part of the FOSRestBundle package.
  5. *
  6. * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
  7. *
  8. * For the full copyright and license information, please view the LICENSE
  9. * file that was distributed with this source code.
  10. */
  12. namespace FOS\RestBundle\EventListener;
  14. use FOS\RestBundle\Decoder\DecoderProviderInterface;
  15. use FOS\RestBundle\FOSRestBundle;
  16. use FOS\RestBundle\Normalizer\ArrayNormalizerInterface;
  17. use FOS\RestBundle\Normalizer\Exception\NormalizationException;
  18. use Symfony\Component\HttpFoundation\InputBag;
  19. use Symfony\Component\HttpFoundation\ParameterBag;
  20. use Symfony\Component\HttpFoundation\Request;
  21. use Symfony\Component\HttpKernel\Event\RequestEvent;
  22. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  23. use Symfony\Component\HttpKernel\Exception\UnsupportedMediaTypeHttpException;
  25. /**
  26. * This listener handles Request body decoding.
  27. *
  28. * @author Lukas Kahwe Smith <smith@pooteeweet.org>
  29. *
  30. * @internal
  31. */
  32. class BodyListener
  33. {
  34. private $decoderProvider;
  35. private $throwExceptionOnUnsupportedContentType;
  36. private $defaultFormat;
  37. private $arrayNormalizer;
  38. private $normalizeForms;
  40. public function __construct(
  41. DecoderProviderInterface $decoderProvider,
  42. bool $throwExceptionOnUnsupportedContentType = false,
  43. ?ArrayNormalizerInterface $arrayNormalizer = null,
  44. bool $normalizeForms = false
  45. ) {
  46. $this->decoderProvider = $decoderProvider;
  47. $this->throwExceptionOnUnsupportedContentType = $throwExceptionOnUnsupportedContentType;
  48. $this->arrayNormalizer = $arrayNormalizer;
  49. $this->normalizeForms = $normalizeForms;
  50. }
  52. public function setDefaultFormat(?string $defaultFormat): void
  53. {
  54. $this->defaultFormat = $defaultFormat;
  55. }
  57. public function onKernelRequest(RequestEvent $event): void
  58. {
  59. $request = $event->getRequest();
  61. if (!$request->attributes->get(FOSRestBundle::ZONE_ATTRIBUTE, true)) {
  62. return;
  63. }
  65. $method = $request->getMethod();
  66. $contentType = $request->headers->get('Content-Type');
  67. $normalizeRequest = $this->normalizeForms && $this->isFormRequest($request);
  69. if ($this->isDecodeable($request)) {
  70. $format = null === $contentType
  71. ? $request->getRequestFormat()
  72. : $request->getFormat($contentType);
  74. $format = $format ?: $this->defaultFormat;
  76. $content = $request->getContent();
  78. if (null === $format || !$this->decoderProvider->supports($format)) {
  79. if ($this->throwExceptionOnUnsupportedContentType
  80. && $this->isNotAnEmptyDeleteRequestWithNoSetContentType($method, $content, $contentType)
  81. ) {
  82. throw new UnsupportedMediaTypeHttpException("Request body format '$format' not supported");
  83. }
  85. return;
  86. }
  88. if (!empty($content)) {
  89. $decoder = $this->decoderProvider->getDecoder($format);
  90. $data = $decoder->decode($content);
  91. if (is_array($data)) {
  92. if (class_exists(InputBag::class)) {
  93. $request->request = new InputBag($data);
  94. } else {
  95. $request->request = new ParameterBag($data);
  96. }
  98. $normalizeRequest = true;
  99. } else {
  100. throw new BadRequestHttpException('Invalid '.$format.' message received');
  101. }
  102. }
  103. }
  105. if (null !== $this->arrayNormalizer && $normalizeRequest) {
  106. $data = $request->request->all();
  108. try {
  109. $data = $this->arrayNormalizer->normalize($data);
  110. } catch (NormalizationException $e) {
  111. throw new BadRequestHttpException($e->getMessage());
  112. }
  114. if (class_exists(InputBag::class)) {
  115. $request->request = new InputBag($data);
  116. } else {
  117. $request->request = new ParameterBag($data);
  118. }
  119. }
  120. }
  122. private function isNotAnEmptyDeleteRequestWithNoSetContentType(string $method, $content, ?string $contentType): bool
  123. {
  124. return false === ('DELETE' === $method && empty($content) && empty($contentType));
  125. }
  127. private function isDecodeable(Request $request): bool
  128. {
  129. if (!in_array($request->getMethod(), ['POST', 'PUT', 'PATCH', 'DELETE'])) {
  130. return false;
  131. }
  133. return !$this->isFormRequest($request);
  134. }
  136. private function isFormRequest(Request $request): bool
  137. {
  138. $contentTypeParts = explode(';', $request->headers->get('Content-Type', ''));
  140. if (isset($contentTypeParts[0])) {
  141. return in_array($contentTypeParts[0], ['multipart/form-data', 'application/x-www-form-urlencoded']);
  142. }
  144. return false;
  145. }
  146. }