From db2cde979368cc234bb071aad67eb1ae19139b83 Mon Sep 17 00:00:00 2001 From: chorgues Date: Thu, 9 Jun 2022 10:59:34 -0400 Subject: [PATCH 1/2] Added support for a Header to indicating the request has already been proxied though upward-php --- Plugin/Magento/Framework/App/AreaList.php | 15 ++++++++++++++- README.md | 14 ++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/Plugin/Magento/Framework/App/AreaList.php b/Plugin/Magento/Framework/App/AreaList.php index 7428d11..8073fb8 100644 --- a/Plugin/Magento/Framework/App/AreaList.php +++ b/Plugin/Magento/Framework/App/AreaList.php @@ -1,4 +1,5 @@ getHeader(self::UPWARD_HEADER) === $upwardProxyEnv) { + return $result; + } + if ($frontName && in_array($frontName, $frontNamesToSkip)) { return $result; } diff --git a/README.md b/README.md index 9a50836..8e15609 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,20 @@ The Magento 2 UPWARD connector has additional settings that can be configured in These are the configurations for the UPWARD process itself. +#### UPWARD Environment variable + +This environment variable is meant to allow a secure way for Magento2 to distinguish a request which went through the UPWARD Proxy, and a "natural" request. + +``` +# bash +export UPWARD_PHP_PROXY_HEADER='arbitrary_security_string' # preferably random, unique and longer than 16 characters + +# nginx conf +fastcgi_param UPWARD_PHP_PROXY_HEADER "arbitrary_security_string"; + +``` + + #### UPWARD Config File This configuration is the location of the UPWARD configuration file for the UPWARD-PHP server. From 51e42bb73e528ab88f261b72a8e08467eb55d196 Mon Sep 17 00:00:00 2001 From: chorgues Date: Thu, 9 Jun 2022 11:45:38 -0400 Subject: [PATCH 2/2] Cleanup usage of "new" and unused "use" --- Plugin/Magento/Framework/App/AreaList.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/Plugin/Magento/Framework/App/AreaList.php b/Plugin/Magento/Framework/App/AreaList.php index 8073fb8..c3ae01c 100644 --- a/Plugin/Magento/Framework/App/AreaList.php +++ b/Plugin/Magento/Framework/App/AreaList.php @@ -9,9 +9,9 @@ namespace Magento\UpwardConnector\Plugin\Magento\Framework\App; use Magento\Framework\App\Config\ScopeConfigInterface; +use Magento\Framework\App\Request\Http as Request; use Magento\Framework\App\ObjectManager; use Magento\Store\Model\ScopeInterface; -use Magento\Upward\Resolver\Proxy; use Magento\UpwardConnector\Api\UpwardPathManagerInterface; class AreaList @@ -20,6 +20,11 @@ class AreaList public const UPWARD_ENV_HEADER = 'UPWARD_PHP_PROXY_HEADER'; + /** + * @var \Magento\Framework\App\Request\Http + */ + private $request; + /** * @var ScopeConfigInterface */ @@ -36,13 +41,16 @@ class AreaList const UPWARD_CONFIG_PATH_FRONT_NAMES_TO_SKIP = 'web/upward/front_names_to_skip'; /** + * @param Request $httpRequest * @param \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig * @param \Magento\UpwardConnector\Api\UpwardPathManagerInterface|null $pathManager */ public function __construct( + Request $httpRequest, ScopeConfigInterface $scopeConfig, ?UpwardPathManagerInterface $pathManager = null ) { + $this->request = $httpRequest; $this->scopeConfig = $scopeConfig; $this->pathManager = $pathManager ?: ObjectManager::getInstance()->get(UpwardPathManagerInterface::class); } @@ -78,11 +86,10 @@ public function afterGetCodeByFrontName( ) ?? '' ); - $request = new \Laminas\Http\PhpEnvironment\Request(); $upwardProxyEnv = getenv(self::UPWARD_ENV_HEADER); /** $upwardProxyEnv needs to be truthy because getenv returns "false" if it didn't find it */ - if ($upwardProxyEnv && $request->getHeader(self::UPWARD_HEADER) === $upwardProxyEnv) { + if ($upwardProxyEnv && $this->request->getHeader(self::UPWARD_HEADER) === $upwardProxyEnv) { return $result; }