<?php
/*
* This file is part of UCRM Plugin SDK.
*
* Copyright (c) 2019 Ubiquiti Inc.
*
* For the full copyright and license information, please view the LICENSE.md
* file that was distributed with this source code.
*/
declare(strict_types=1);
namespace Ubnt\UcrmPluginSdk\Service;
use GuzzleHttp\Client;
use GuzzleHttp\Exception\ClientException;
use GuzzleHttp\Exception\GuzzleException;
use Ubnt\UcrmPluginSdk\Data\UcrmUser;
use Ubnt\UcrmPluginSdk\Exception\ConfigurationException;
use Ubnt\UcrmPluginSdk\Exception\InvalidPluginRootPathException;
use Ubnt\UcrmPluginSdk\Exception\JsonException;
use Ubnt\UcrmPluginSdk\Util\Helpers;
use Ubnt\UcrmPluginSdk\Util\Json;
/**
 * Resolves the UCRM user behind the current browser session.
 *
 * The lookup forwards the visitor's UCRM session cookies to the UCRM
 * `current-user` endpoint and wraps the decoded response in a UcrmUser.
 *
 * Note: This feature is available since UCRM 2.14.0-beta1.
 */
class UcrmSecurity
{
    public function __construct(
        private Client $client,
    ) {
    }

    /**
     * Builds a UcrmSecurity instance whose HTTP client targets the UCRM URL found in the
     * automatically generated plugin configuration (local URL first, public URL as fallback).
     *
     * Example usage:
     *
     *     $ucrmSecurity = UcrmSecurity::create();
     *
     * Pass `$pluginRootPath` to point the options manager at a different plugin root directory.
     *
     * @throws ConfigurationException when neither URL is set or the resolved URL is an empty string
     * @throws InvalidPluginRootPathException
     * @throws JsonException
     *
     * @see AbstractOptionsManager::__construct() for more information.
     */
    public static function create(?string $pluginRootPath = null): self
    {
        $options = (new UcrmOptionsManager($pluginRootPath))->loadOptions();

        $configuredUrl = $options->ucrmLocalUrl ?? $options->ucrmPublicUrl ?? '';
        if ($configuredUrl === '') {
            throw new ConfigurationException('UCRM URL is missing in plugin configuration.');
        }

        // Normalise to exactly one trailing slash so relative request paths resolve under the base URI.
        $baseUri = rtrim($configuredUrl, '/') . '/';

        // If the URL is localhost over HTTPS, do not verify SSL certificate.
        // NOTE(review): getUser() sends the visitor's session cookies to this base URI, so the
        // unverified path is only safe if Helpers::isUrlSecureLocalhost() accepts loopback hosts
        // and nothing else — confirm against the helper, which is not visible from this class.
        $verifyCertificate = ! Helpers::isUrlSecureLocalhost($baseUri);

        return new self(
            new Client(
                [
                    'base_uri' => $baseUri,
                    'verify' => $verifyCertificate,
                ]
            )
        );
    }

    /**
     * Returns the user currently logged into UCRM, or `null` when UCRM answers with HTTP 403.
     *
     * The three session cookies are read from `$_COOKIE`, sanitized and replayed to UCRM in a
     * single `cookie` header. A cookie the browser did not send is forwarded with an empty value.
     * Any client error other than 403, and every other Guzzle failure, is propagated to the caller.
     *
     * Note: This feature is available since UCRM 2.14.0-beta1.
     *
     * @throws GuzzleException
     * @throws JsonException
     */
    public function getUser(): ?UcrmUser
    {
        $cookiePairs = array_map(
            fn (string $cookieName): string => $cookieName . '=' . $this->getSanitizedCookie($cookieName),
            ['PHPSESSID', 'nms-crm-php-session-id', 'nms-session'],
        );

        $requestOptions = [
            'headers' => [
                'content-type' => 'application/json',
                'cookie' => implode('; ', $cookiePairs),
            ],
        ];

        try {
            $response = $this->client->request('GET', 'current-user', $requestOptions);
        } catch (ClientException $exception) {
            // Only a 403 is mapped to "no logged in user"; every other client error is rethrown.
            if ($exception->getResponse()->getStatusCode() !== 403) {
                throw $exception;
            }

            return null;
        }

        $payload = Json::decode($response->getBody()->getContents());

        return new UcrmUser($payload);
    }

    /**
     * Reads one cookie from `$_COOKIE` and strips every character except ASCII letters, digits
     * and hyphens.
     *
     * The allow-list keeps `;`, `=`, whitespace and CR/LF out of the outgoing `cookie` header, so a
     * crafted cookie value cannot add extra cookies or header lines to the request. Missing
     * cookies and non-string values (PHP turns `name[]=x` into an array) become an empty string
     * before filtering.
     *
     * NOTE(review): PHP can generate session IDs containing `,` when
     * `session.sid_bits_per_character` is 6; such an ID would be altered here and the lookup
     * would fail closed — confirm against the session settings UCRM ships with.
     */
    private function getSanitizedCookie(string $name): ?string
    {
        $rawValue = $_COOKIE[$name] ?? '';
        if (! is_string($rawValue)) {
            $rawValue = '';
        }

        return preg_replace('~[^a-zA-Z0-9-]~', '', $rawValue);
    }
}