| Current File : /home/pacjaorg/public_html/km/libraries/src/Service/Provider/Session.php |
<?php
/**
* Joomla! Content Management System
*
* @copyright (C) 2018 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\CMS\Service\Provider;
use Joomla\CMS\Application\AdministratorApplication;
use Joomla\CMS\Application\ApplicationHelper;
use Joomla\CMS\Application\CMSApplicationInterface;
use Joomla\CMS\Application\ConsoleApplication;
use Joomla\CMS\Application\SiteApplication;
use Joomla\CMS\Factory;
use Joomla\CMS\Installation\Application\InstallationApplication;
use Joomla\CMS\Session\EventListener\MetadataManagerListener;
use Joomla\CMS\Session\MetadataManager;
use Joomla\CMS\Session\SessionFactory;
use Joomla\CMS\Session\SessionManager;
use Joomla\CMS\Session\Storage\JoomlaStorage;
use Joomla\Database\DatabaseInterface;
use Joomla\DI\Container;
use Joomla\DI\Exception\DependencyResolutionException;
use Joomla\DI\ServiceProviderInterface;
use Joomla\Event\DispatcherInterface;
use Joomla\Event\LazyServiceEventListener;
use Joomla\Event\Priority;
use Joomla\Registry\Registry;
use Joomla\Session\HandlerInterface;
use Joomla\Session\SessionEvents;
use Joomla\Session\SessionInterface;
use Joomla\Session\Storage\RuntimeStorage;
use Joomla\Session\StorageInterface;
// phpcs:disable PSR1.Files.SideEffects
\defined('JPATH_PLATFORM') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Service provider for the application's session dependency
*
* @since 4.0.0
*/
class Session implements ServiceProviderInterface
{
/**
* Registers the service provider with a DI container.
*
* @param Container $container The DI container.
*
* @return void
*
* @since 4.0.0
*/
public function register(Container $container)
{
$container->share(
'session.web.administrator',
function (Container $container) {
/** @var Registry $config */
$config = $container->get('config');
$app = Factory::getApplication();
// Generate a session name.
$name = ApplicationHelper::getHash($config->get('session_name', AdministratorApplication::class));
// Calculate the session lifetime.
$lifetime = $config->get('lifetime') ? $config->get('lifetime') * 60 : 900;
// Initialize the options for the Session object.
$options = [
'name' => $name,
'expire' => $lifetime,
];
if ($config->get('force_ssl') >= 1) {
$options['force_ssl'] = true;
}
$handler = $container->get('session.factory')->createSessionHandler($options);
if (!$container->has('session.handler')) {
$this->registerSessionHandlerAsService($container, $handler);
}
return $this->buildSession(
new JoomlaStorage($app->getInput(), $handler, $options),
$app,
$container->get(DispatcherInterface::class),
$options
);
},
true
);
$container->share(
'session.web.installation',
function (Container $container) {
/** @var Registry $config */
$config = $container->get('config');
$app = Factory::getApplication();
/**
* Session handler for the session is always filesystem so it doesn't flip to the database after
* configuration.php has been written to
*/
$config->set('session_handler', 'filesystem');
/**
* Generate a session name - unlike all the other apps we don't have either a secret or a session name
* (that's not the app name) until we complete installation which then leads to us dropping things like
* language preferences after installation as the app refreshes.
*/
$name = md5(serialize(JPATH_ROOT . InstallationApplication::class));
// Calculate the session lifetime.
$lifetime = $config->get('lifetime') ? $config->get('lifetime') * 60 : 900;
// Initialize the options for the Session object.
$options = [
'name' => $name,
'expire' => $lifetime,
];
$handler = $container->get('session.factory')->createSessionHandler($options);
if (!$container->has('session.handler')) {
$this->registerSessionHandlerAsService($container, $handler);
}
return $this->buildSession(
new JoomlaStorage($app->getInput(), $handler),
$app,
$container->get(DispatcherInterface::class),
$options
);
},
true
);
$container->share(
'session.web.site',
function (Container $container) {
/** @var Registry $config */
$config = $container->get('config');
$app = Factory::getApplication();
// Generate a session name.
$name = ApplicationHelper::getHash($config->get('session_name', SiteApplication::class));
// Calculate the session lifetime.
$lifetime = $config->get('lifetime') ? $config->get('lifetime') * 60 : 900;
// Initialize the options for the Session object.
$options = [
'name' => $name,
'expire' => $lifetime,
];
if ($config->get('force_ssl') == 2) {
$options['force_ssl'] = true;
}
$handler = $container->get('session.factory')->createSessionHandler($options);
if (!$container->has('session.handler')) {
$this->registerSessionHandlerAsService($container, $handler);
}
return $this->buildSession(
new JoomlaStorage($app->getInput(), $handler, $options),
$app,
$container->get(DispatcherInterface::class),
$options
);
},
true
);
$container->share(
'session.cli',
function (Container $container) {
/** @var Registry $config */
$config = $container->get('config');
$app = Factory::getApplication();
// Generate a session name.
$name = ApplicationHelper::getHash($config->get('session_name', ConsoleApplication::class));
// Calculate the session lifetime.
$lifetime = $config->get('lifetime') ? $config->get('lifetime') * 60 : 900;
// Initialize the options for the Session object.
$options = [
'name' => $name,
'expire' => $lifetime,
];
// Unlike the web apps, we will only toggle the force SSL setting based on it being enabled and not based on client
if ($config->get('force_ssl') >= 1) {
$options['force_ssl'] = true;
}
$handler = $container->get('session.factory')->createSessionHandler($options);
if (!$container->has('session.handler')) {
$this->registerSessionHandlerAsService($container, $handler);
}
return $this->buildSession(
new RuntimeStorage(),
$app,
$container->get(DispatcherInterface::class),
$options
);
},
true
);
$container->alias(SessionFactory::class, 'session.factory')
->share(
'session.factory',
function (Container $container) {
$factory = new SessionFactory();
$factory->setContainer($container);
return $factory;
},
true
);
$container->alias(SessionManager::class, 'session.manager')
->share(
'session.manager',
function (Container $container) {
if (!$container->has('session.handler')) {
throw new DependencyResolutionException(
'The "session.handler" service has not been created, make sure you have created the "session" service first.'
);
}
return new SessionManager($container->get('session.handler'));
},
true
);
$container->alias(MetadataManager::class, 'session.metadata_manager')
->share(
'session.metadata_manager',
function (Container $container) {
/*
* Normally we should inject the application as a dependency via $container->get() however there is not
* a 'app' or CMSApplicationInterface::class key for the primary application of the request so we need to
* rely on the application having been injected to the global Factory otherwise we cannot build the service
*/
if (!Factory::$application) {
throw new DependencyResolutionException(
sprintf(
'Creating the "session.metadata_manager" service requires %s::$application be initialised.',
Factory::class
)
);
}
return new MetadataManager(Factory::$application, $container->get(DatabaseInterface::class));
},
true
);
$container->alias(MetadataManagerListener::class, 'session.event_listener.metadata_manager')
->share(
'session.event_listener.metadata_manager',
function (Container $container) {
return new MetadataManagerListener($container->get(MetadataManager::class), $container->get('config'));
},
true
);
$listener = new LazyServiceEventListener($container, 'session.event_listener.metadata_manager', 'onAfterSessionStart');
/** @var DispatcherInterface $dispatcher */
$dispatcher = $container->get(DispatcherInterface::class);
$dispatcher->addListener(SessionEvents::START, $listener);
}
/**
* Build the root session service
*
* @param StorageInterface $storage The session storage engine.
* @param CMSApplicationInterface $app The application instance.
* @param DispatcherInterface $dispatcher The event dispatcher.
* @param array $options The configured session options.
*
* @return SessionInterface
*
* @since 4.0.0
*/
private function buildSession(
StorageInterface $storage,
CMSApplicationInterface $app,
DispatcherInterface $dispatcher,
array $options
): SessionInterface {
$input = $app->getInput();
if (method_exists($app, 'afterSessionStart')) {
$dispatcher->addListener(SessionEvents::START, [$app, 'afterSessionStart'], Priority::HIGH);
}
$session = new \Joomla\CMS\Session\Session($storage, $dispatcher, $options);
return $session;
}
/**
* Registers the session handler as a service
*
* @param Container $container The container to register the service to.
* @param \SessionHandlerInterface $sessionHandler The session handler.
*
* @return void
*
* @since 4.0.0
*/
private function registerSessionHandlerAsService(Container $container, \SessionHandlerInterface $sessionHandler): void
{
// Alias the session handler to the core SessionHandlerInterface for improved autowiring and discoverability
$container->alias(\SessionHandlerInterface::class, 'session.handler')
->share(
'session.handler',
$sessionHandler,
true
);
// If the session handler implements the extended interface, register an alias for that as well
if ($sessionHandler instanceof HandlerInterface) {
$container->alias(HandlerInterface::class, 'session.handler');
}
}
}