11.5/felogin_2_classes_2_redirect_2_redirect_handler_8php_source.html

<?php


declare(strict_types=1);


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


namespace ‪TYPO3\CMS\FrontendLogin\Redirect;


use Psr\Http\Message\ServerRequestInterface;

use ‪TYPO3\CMS\Core\Authentication\LoginType;

use ‪TYPO3\CMS\Core\Context\Context;

use ‪TYPO3\CMS\Core\Utility\GeneralUtility;

use ‪TYPO3\CMS\FrontendLogin\Configuration\RedirectConfiguration;

use ‪TYPO3\CMS\FrontendLogin\Validation\RedirectUrlValidator;


class ‪RedirectHandler

{

    protected ‪$userIsLoggedIn = false;


    protected ‪$requestHandler;


    protected ‪$redirectModeHandler;


    protected ‪$redirectUrlValidator;


    public function ‪__construct(

        ‪ServerRequestHandler ‪$requestHandler,

        ‪RedirectModeHandler ‪$redirectModeHandler,

        ‪Context $context,

        ‪RedirectUrlValidator ‪$redirectUrlValidator

    ) {

        $this->requestHandler = ‪$requestHandler;

        $this->redirectModeHandler = ‪$redirectModeHandler;

        $this->redirectUrlValidator = ‪$redirectUrlValidator;

        $this->userIsLoggedIn = (bool)$context->‪getPropertyFromAspect('frontend.user', 'isLoggedIn');

    }


    public function ‪processRedirect(string $loginType, ‪RedirectConfiguration $configuration, string $redirectModeReferrer): string

    {

        if ($this->‪isUserLoginFailedAndLoginErrorActive($configuration->‪getModes(), $loginType)) {

            return $this->redirectModeHandler->redirectModeLoginError($configuration->‪getPageOnLoginError());

        }


        $redirectUrlList = [];

        foreach ($configuration->‪getModes() as $redirectMode) {

            $redirectUrl = '';


            if ($loginType === ‪LoginType::LOGIN) {

                $redirectUrl = $this->‪handleSuccessfulLogin($redirectMode, $configuration->‪getPageOnLogin(), $configuration->‪getDomains(), $redirectModeReferrer);

            } elseif ($loginType === ‪LoginType::LOGOUT) {

                $redirectUrl = $this->‪handleSuccessfulLogout($redirectMode, $configuration->‪getPageOnLogout());

            }


            if ($redirectUrl !== '') {

                $redirectUrlList[] = $redirectUrl;

            }

        }


        return $this->‪fetchReturnUrlFromList($redirectUrlList, $configuration->‪getFirstMode());

    }


    protected function ‪getLogoutRedirectUrl(array $redirectModes, int $redirectPageLogout = 0): string

    {

        if ($this->userIsLoggedIn && $this->‪isRedirectModeActive($redirectModes, ‪RedirectMode::LOGOUT)) {

            return $this->redirectModeHandler->redirectModeLogout($redirectPageLogout);

        }

        return $this->‪getGetpostRedirectUrl($redirectModes);

    }


    protected function ‪getGetpostRedirectUrl(array $redirectModes): string

    {

        return $this->‪isRedirectModeActive($redirectModes, ‪RedirectMode::GETPOST)

            ? $this->requestHandler->getRedirectUrlRequestParam()

            : '';

    }


    protected function ‪handleSuccessfulLogout(string $redirectMode, int $redirectPageLogout): string

    {

        if ($redirectMode === ‪RedirectMode::LOGOUT) {

            return $this->redirectModeHandler->redirectModeLogout($redirectPageLogout);

        }

        return '';

    }


    protected function ‪fetchReturnUrlFromList(array $redirectUrlList, $redirectFirstMethod): string

    {

        if (count($redirectUrlList) === 0) {

            return '';

        }


        // Remove empty values, but keep "0" as value (that's why "strlen" is used as second parameter)

        $redirectUrlList = array_filter($redirectUrlList, static function (string $value): bool {

            return strlen($value) > 0;

        });


        return $redirectFirstMethod

            ? array_shift($redirectUrlList)

            : array_pop($redirectUrlList);

    }


    protected function ‪handleSuccessfulLogin(string $redirectMode, int $redirectPageLogin = 0, string $domains = '', string $redirectModeReferrer = ''): string

    {

        if (!$this->userIsLoggedIn) {

            return '';

        }


        // Logintype is needed because the login-page wouldn't be accessible anymore after a login (would always redirect)

        switch ($redirectMode) {

            case ‪RedirectMode::GROUP_LOGIN:

                $redirectUrl = $this->redirectModeHandler->redirectModeGroupLogin();

                break;

            case ‪RedirectMode::USER_LOGIN:

                $redirectUrl = $this->redirectModeHandler->redirectModeUserLogin();

                break;

            case ‪RedirectMode::LOGIN:

                $redirectUrl = $this->redirectModeHandler->redirectModeLogin($redirectPageLogin);

                break;

            case ‪RedirectMode::GETPOST:

                $redirectUrl = $this->requestHandler->getRedirectUrlRequestParam();

                break;

            case ‪RedirectMode::REFERRER:

                $redirectUrl = $this->redirectModeHandler->redirectModeReferrer($redirectModeReferrer);

                break;

            case ‪RedirectMode::REFERRER_DOMAINS:

                $redirectUrl = $this->redirectModeHandler->redirectModeReferrerDomains($domains, $redirectModeReferrer);

                break;

            default:

                $redirectUrl = '';

        }


        return $redirectUrl;

    }


    protected function ‪isUserLoginFailedAndLoginErrorActive(array $redirectModes, string $loginType): bool

    {

        return $loginType === ‪LoginType::LOGIN

            && !$this->userIsLoggedIn

            && $this->‪isRedirectModeActive($redirectModes, ‪RedirectMode::LOGIN_ERROR);

    }


    protected function ‪isRedirectModeActive(array $redirectModes, string $mode): bool

    {

        return in_array($mode, $redirectModes, true);

    }


    public function ‪getLoginFormRedirectUrl(‪RedirectConfiguration $configuration, bool $redirectDisabled): string

    {

        if (!$redirectDisabled) {

            return $this->‪getGetpostRedirectUrl($configuration->‪getModes());

        }

        return '';

    }


    public function ‪getReferrerForLoginForm(ServerRequestInterface $request, array $settings): string

    {

        // Early return, if redirectMode is not configured to respect the referrer

        if (!$this->‪isReferrerRedirectEnabled($settings)) {

            return '';

        }


        $referrer = (string)(

            $request->getParsedBody()['referer'] ??

            $request->getQueryParams()['referer'] ??

            $request->getServerParams()['HTTP_REFERER'] ??

            ''

        );


        // If the current request was initiated via sub-request, we use the URI of the original request as referrer

        if ($originalRequest = $request->getAttribute('originalRequest', false)) {

            $referrer = (string)$originalRequest->getUri();

        }


        if ($this->redirectUrlValidator->isValid($referrer)) {

            return $referrer;

        }


        return '';

    }


    protected function ‪isReferrerRedirectEnabled(array $settings): bool

    {

        $referrerRedirectModes = [‪RedirectMode::REFERRER, ‪RedirectMode::REFERRER_DOMAINS];

        $configuredRedirectModes = ‪GeneralUtility::trimExplode(',', $settings['redirectMode'] ?? '');

        return count(array_intersect($configuredRedirectModes, $referrerRedirectModes)) > 0;

    }


    public function ‪getLogoutFormRedirectUrl(‪RedirectConfiguration $configuration, int $redirectPageLogout, bool $redirectDisabled): string

    {

        if (!$redirectDisabled) {

            return $this->‪getLogoutRedirectUrl($configuration->‪getModes(), $redirectPageLogout);

        }

        return $this->requestHandler->getRedirectUrlRequestParam();

    }

}