src/Controller/FrontPageController.php line 41

<?php
namespace App\Controller;
use App\Entity\FsbRequest;
use App\Entity\User;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Knp\Component\Pager\PaginatorInterface;
use Doctrine\ORM\EntityManagerInterface;
// for Testing:
use Firebase\JWT\JWK;
use Firebase\JWT\JWT;
class FrontPageController extends AbstractController
{
private $entityManager;
/**
* Undocumented variable
*
* @var PaginatorInterface
*/
private PaginatorInterface $paginator;
/**
* Undocumented function
*
* @param EntityManagerInterface $twig
* @param PaginatorInterface $paginator
*/
public function __construct(EntityManagerInterface $entityManager, PaginatorInterface $paginator)
{
$this->entityManager = $entityManager;
$this->paginator = $paginator;
}
#[Route('/', name: 'home')]
public function index(): Response
{
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
$user = $this->getUser();
$fsbRequestRepository = $this->entityManager->getRepository(FsbRequest::class);
$qb = $fsbRequestRepository->getQueryByUser($user);
$results = $this->paginator->paginate(
$qb,
1,
3,
[
'defaultSortFieldName' => 'mine.updatedAt',
'defaultSortDirection' => 'desc'
]
);
return $this->render('front_page/index.html.twig', [
'controller_name' => 'FrontPageController',
'fsb_requests' => $results,
]);
}
#[Route('/nutzen', name: 'nutzen')]
public function nutzen(): Response
{
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
$user = $this->getUser();
$fsbRequestRepository = $this->entityManager->getRepository(FsbRequest::class);
$qb = $fsbRequestRepository->getQueryByUser($user);
$results = $this->paginator->paginate(
$qb,
1,
3,
[
'defaultSortFieldName' => 'mine.updatedAt',
'defaultSortDirection' => 'desc'
]
);
return $this->render('front_page/index.html.twig', [
'controller_name' => 'FrontPageController',
'fsb_requests' => $results,
]);
}
#[Route('/daten', name: 'daten')]
public function daten(): Response
{
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
$user = $this->getUser();
$fsbRequestRepository = $this->entityManager->getRepository(FsbRequest::class);
$qb = $fsbRequestRepository->getQueryByUser($user);
$results = $this->paginator->paginate(
$qb,
1,
3,
[
'defaultSortFieldName' => 'mine.updatedAt',
'defaultSortDirection' => 'desc'
]
);
return $this->render('front_page/index.html.twig', [
'controller_name' => 'FrontPageController',
'fsb_requests' => $results,
]);
}
#[Route('/api2/test', name: 'app_api_test')]
public function apiTest()
{
/** @var User $user */
$user = $this->getUser();
return $this->json([
'message' => 'You successfully authenticated!',
'email' => $user->getEmail(),
]);
}
#[Route('.well-known/jwks.json', name: 'app_jwks', methods: ['GET'])]
public function jwks(): Response
{
// Load the public key from the filesystem and use OpenSSL to parse it.
$kernelDirectory = $this->getParameter('kernel.project_dir');
$publicKey = openssl_pkey_get_public(file_get_contents($kernelDirectory . '/var/keys/public.key'));
$details = openssl_pkey_get_details($publicKey);
$jwks = [
'keys' => [
[
'kty' => 'RSA',
'alg' => 'RS256',
'use' => 'sig',
'kid' => '1',
'n' => strtr(rtrim(base64_encode($details['rsa']['n']), '='), '+/', '-_'),
'e' => strtr(rtrim(base64_encode($details['rsa']['e']), '='), '+/', '-_'),
],
],
];
return $this->json($jwks);
}
// For Testing:
private string $clientId = '89ae85bfc478886f1419fsbstuckmann';
private string $clientSecret = 'a9189f952dd25f51ba4a0f33e50f0a69968480dd331bdb843be41bfe0c75069b';
private string $redirectUri = 'https://fsb.in-properties.de/client/callback';
private string $authServer = 'https://fsb.in-properties.de/authorize';
private string $tokenServer = 'https://fsb.in-properties.de/token';
private string $jwksUri = 'https://fsb.in-properties.de/.well-known/jwks.json';
private string $apiUri = 'https://fsb.in-properties.de/api';
#[Route('client', name: 'app_clienthome', methods: ['GET'])]
public function clienthome(Request $request)
{
$content = 'ha... ';
$accessToken = $request->query->get('access_token');
if (null !== $accessToken) {
$content .= '<a href="client/api?access_token='.$accessToken.'">Call API</a><a href="client/logout">Logout</a>';
} else {
$content .= '<a href="client/login">login</a><a href="client/logout">Logout</a>';
}
$response = new Response();
$response->headers->set('Content-Type', 'text/html');
$response->setContent('<html><body>'.$content.'</body></html>');
$response->setStatusCode(Response::HTTP_OK);
return $response;
}
#[Route('client/login', name: 'app_client_login', methods: ['GET'])]
public function clientlogin(Request $request)
{
// Redirect to the authorization server.
$params = [
'response_type' => 'code',
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri,
'scope' => 'profile email',
];
$url = $this->authServer . '?' . http_build_query($params);
return $this->redirect($url);
}
#[Route('client/callback', name: 'app_client_callback', methods: ['GET'])]
public function clientCallback(Request $request)
{
$code = $request->query->get('code') ?? null;
if (null === $code) {
$content = 'No code provided ';
if (null !== $request->query->get('error_description')) {
$content .= 'Error: ' . $request->query->get('error_description') . ' ';
}
$content .= '<a href="/client">Back</a>';
$response = new Response();
$response->headers->set('Content-Type', 'text/html');
$response->setContent('<html><body>'.$content.'</body></html>');
$response->setStatusCode(Response::HTTP_OK);
return $response;
}
// Swap the code for an access token.
$params = [
'grant_type' => 'authorization_code',
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri,
'code' => $code,
];
$ch = curl_init($this->tokenServer);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Ignore SSL for demo purposes.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$response = curl_exec($ch);
$response = json_decode($response, true);
$accessToken = $response['access_token'] ?? null;
$content = '';
if (!$accessToken) {
$content = 'No access token provided ';
if (isset($response['hint'])) {
$content .= 'Error: ' . $response['hint'] . ' ';
}
$content .= '<a href="/">Back</a>';
$response2 = new Response();
$response2->headers->set('Content-Type', 'text/html');
$response2->setContent('<html><body>'.$content.'</body></html>');
$response2->setStatusCode(Response::HTTP_OK);
return $response2;
}
try {
$streamContext = stream_context_create([
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
],
]);
$jwks = JWK::parseKeySet(json_decode(file_get_contents($this->jwksUri, context: $streamContext), true));
var_dump('Wie heißt das erste Element:'. $jwks);
$jwttoken = $jwks[1];
JWT::$leeway = 10;
JWT::decode($accessToken, $jwks[1]);
} catch (\Exception $e) {
$content = 'Error decoding JWT: ' . $e->getMessage();
$response2 = new Response();
$response2->headers->set('Content-Type', 'text/html');
$response2->setContent('<html><body>'.$content.'</body></html>');
$response2->setStatusCode(Response::HTTP_OK);
return $response2;
}
// Save the access token in a cookie.
//$session = $this->requestStack->getSession();
// stores an attribute in the session for later reuse
//$session->set('accesstoken', $accessToken);
//$request->cookies->set('access_token', $accessToken, time() + 3600);
// Redirect to the home page.
return $this->redirect('/client?access_token='.$accessToken);
}
#[Route('client/api', name: 'app_client_api', methods: ['GET'])]
public function clientApi(Request $request)
{
// Get the access token from the cookie.
$accessToken = $request->query->get('access_token') ?? null;
if (null === $accessToken) {
$content = 'No access token provided. <a href="/">Back</a>';
$response2 = new Response();
$response2->headers->set('Content-Type', 'text/html');
$response2->setContent('<html><body>'.$content.'</body></html>');
$response2->setStatusCode(Response::HTTP_OK);
return $response2;
}
// Call the API.
$ch = curl_init($this->apiUri);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: Bearer ' . $accessToken,
]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Ignore SSL for demo purposes.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$response = curl_exec($ch);
$response = json_decode($response, true);
$content = 'Calling API on ' . $this->apiUri . ' ';
$content .= 'With access token ' . $accessToken . '';
$content .= 'Response: <div class="w3-code"><pre>' . print_r($response, true) . '</pre></div> ';
$content .= '<a href="/client">Back</a>';
$response2 = new Response();
$response2->headers->set('Content-Type', 'text/html');
$response2->setContent('<html><body>'.$content.'</body></html>');
$response2->setStatusCode(Response::HTTP_OK);
return $response2;
}
#[Route('client/logout', name: 'app_client_logout', methods: ['GET'])]
public function clientLogout(Request $request)
{
$request->cookies->set('access_token', '', time() - 3600);
return $this->redirect('/client');
}
}

Filepath:: /var/www/vhosts/in-properties.de/fsb.in-properties.de/fsb-tasks/src/Controller/FrontPageController.php
Last modified:: September 21, 2022 13:19
Size:: 11 KB / 308 lines

Open this file in your IDE?

Symfony Profiler

src/Controller/FrontPageController.php line 41