Skip to content

Add support for a Header differentiating proxied and non proxied Requests to UPWARD-PHP #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Add support for a Header differentiating proxied and non proxied Requests to UPWARD-PHP #45

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
db2cde9
Added support for a Header to indicating the request has already been…
Jun 9, 2022
51e42bb
Cleanup usage of "new" and unused "use"
Jun 9, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 21 additions & 1 deletion Plugin/Magento/Framework/App/AreaList.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<?php

/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
Expand All @@ -8,12 +9,22 @@
namespace Magento\UpwardConnector\Plugin\Magento\Framework\App;

use Magento\Framework\App\Config\ScopeConfigInterface;
use Magento\Framework\App\Request\Http as Request;
use Magento\Framework\App\ObjectManager;
use Magento\Store\Model\ScopeInterface;
use Magento\UpwardConnector\Api\UpwardPathManagerInterface;

class AreaList
{
public const UPWARD_HEADER = 'UpwardProxied';

public const UPWARD_ENV_HEADER = 'UPWARD_PHP_PROXY_HEADER';

/**
* @var \Magento\Framework\App\Request\Http
*/
private $request;

/**
* @var ScopeConfigInterface
*/
Expand All @@ -30,13 +41,16 @@ class AreaList
const UPWARD_CONFIG_PATH_FRONT_NAMES_TO_SKIP = 'web/upward/front_names_to_skip';

/**
* @param Request $httpRequest
* @param \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig
* @param \Magento\UpwardConnector\Api\UpwardPathManagerInterface|null $pathManager
*/
public function __construct(
Request $httpRequest,
ScopeConfigInterface $scopeConfig,
?UpwardPathManagerInterface $pathManager = null
) {
$this->request = $httpRequest;
$this->scopeConfig = $scopeConfig;
$this->pathManager = $pathManager ?: ObjectManager::getInstance()->get(UpwardPathManagerInterface::class);
}
Expand All @@ -56,7 +70,6 @@ public function afterGetCodeByFrontName(
$result,
$frontName
) {

if ($result !== 'frontend') {
return $result;
}
Expand All @@ -73,6 +86,13 @@ public function afterGetCodeByFrontName(
) ?? ''
);

$upwardProxyEnv = getenv(self::UPWARD_ENV_HEADER);

/** $upwardProxyEnv needs to be truthy because getenv returns "false" if it didn't find it */
if ($upwardProxyEnv && $this->request->getHeader(self::UPWARD_HEADER) === $upwardProxyEnv) {
return $result;
}

if ($frontName && in_array($frontName, $frontNamesToSkip)) {
return $result;
}
Expand Down
14 changes: 14 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,20 @@ The Magento 2 UPWARD connector has additional settings that can be configured in

These are the configurations for the UPWARD process itself.

#### UPWARD Environment variable

This environment variable is meant to allow a secure way for Magento2 to distinguish a request which went through the UPWARD Proxy, and a "natural" request.

```
# bash
export UPWARD_PHP_PROXY_HEADER='arbitrary_security_string' # preferably random, unique and longer than 16 characters

# nginx conf
fastcgi_param UPWARD_PHP_PROXY_HEADER "arbitrary_security_string";

```


#### UPWARD Config File

This configuration is the location of the UPWARD configuration file for the UPWARD-PHP server.
Expand Down