vendor/noxlogic/ratelimit-bundle/EventListener/RateLimitAnnotationListener.php line 54

Open in your IDE?
  1. <?php
  3. namespace Noxlogic\RateLimitBundle\EventListener;
  5. use Noxlogic\RateLimitBundle\Annotation\RateLimit;
  6. use Noxlogic\RateLimitBundle\Events\CheckedRateLimitEvent;
  7. use Noxlogic\RateLimitBundle\Events\GenerateKeyEvent;
  8. use Noxlogic\RateLimitBundle\Events\RateLimitEvents;
  9. use Noxlogic\RateLimitBundle\Exception\RateLimitExceptionInterface;
  10. use Noxlogic\RateLimitBundle\Service\RateLimitService;
  11. use Noxlogic\RateLimitBundle\Util\PathLimitProcessor;
  12. use Symfony\Component\EventDispatcher\EventDispatcherInterface as LegacyEventDispatcherInterface;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpFoundation\Response;
  15. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  16. use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
  17. use Symfony\Component\HttpKernel\HttpKernelInterface;
  18. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  20. class RateLimitAnnotationListener extends BaseListener
  21. {
  23.     /**
  24.      * @var EventDispatcherInterface | LegacyEventDispatcherInterface
  25.      */
  26.     protected $eventDispatcher;
  28.     /**
  29.      * @var \Noxlogic\RateLimitBundle\Service\RateLimitService
  30.      */
  31.     protected $rateLimitService;
  33.     /**
  34.      * @var \Noxlogic\RateLimitBundle\Util\PathLimitProcessor
  35.      */
  36.     protected $pathLimitProcessor;
  38.     /**
  39.      * @param RateLimitService                    $rateLimitService
  40.      */
  41.     public function __construct(
  42.         $eventDispatcher,
  43.         RateLimitService $rateLimitService,
  44.         PathLimitProcessor $pathLimitProcessor
  45.     ) {
  46.         $this->eventDispatcher $eventDispatcher;
  47.         $this->rateLimitService $rateLimitService;
  48.         $this->pathLimitProcessor $pathLimitProcessor;
  49.     }
  51.     /**
  52.      * @param ControllerEvent|FilterControllerEvent $event
  53.      */
  54.     public function onKernelController($event)
  55.     {
  56.         // Skip if the bundle isn't enabled (for instance in test environment)
  57.         if( ! $this->getParameter('enabled'true)) {
  58.             return;
  59.         }
  61.         // Skip if we aren't the main request
  62.         if ($event->getRequestType() != HttpKernelInterface::MASTER_REQUEST) {
  63.             return;
  64.         }
  66.         // Find the best match
  67.         $annotations $event->getRequest()->attributes->get('_x-rate-limit', array());
  68.         $rateLimit $this->findBestMethodMatch($event->getRequest(), $annotations);
  70.         // Another treatment before applying RateLimit ?
  71.         $checkedRateLimitEvent = new CheckedRateLimitEvent($event->getRequest(), $rateLimit);
  72.         $this->dispatch(RateLimitEvents::CHECKED_RATE_LIMIT$checkedRateLimitEvent);
  73.         $rateLimit $checkedRateLimitEvent->getRateLimit();
  75.         // No matching annotation found
  76.         if (! $rateLimit) {
  77.             return;
  78.         }
  80.         $key $this->getKey($event$rateLimit$annotations);
  82.         // Ratelimit the call
  83.         $rateLimitInfo $this->rateLimitService->limitRate($key);
  84.         if (! $rateLimitInfo) {
  85.             // Create new rate limit entry for this call
  86.             $rateLimitInfo $this->rateLimitService->createRate($key$rateLimit->getLimit(), $rateLimit->getPeriod());
  87.             if (! $rateLimitInfo) {
  88.                 // @codeCoverageIgnoreStart
  89.                 return;
  90.                 // @codeCoverageIgnoreEnd
  91.             }
  92.         }
  95.         // Store the current rating info in the request attributes
  96.         $request $event->getRequest();
  97.         $request->attributes->set('rate_limit_info'$rateLimitInfo);
  99.         // Reset the rate limits
  100.         if(time() >= $rateLimitInfo->getResetTimestamp()) {
  101.             $this->rateLimitService->resetRate($key);
  102.             $rateLimitInfo $this->rateLimitService->createRate($key$rateLimit->getLimit(), $rateLimit->getPeriod());
  103.             if (! $rateLimitInfo) {
  104.                 // @codeCoverageIgnoreStart
  105.                 return;
  106.                 // @codeCoverageIgnoreEnd
  107.             }
  108.         }
  110.         // When we exceeded our limit, return a custom error response
  111.         if ($rateLimitInfo->getCalls() > $rateLimitInfo->getLimit()) {
  113.             // Throw an exception if configured.
  114.             if ($this->getParameter('rate_response_exception')) {
  115.                 $class $this->getParameter('rate_response_exception');
  117.                 $e = new $class($this->getParameter('rate_response_message'), $this->getParameter('rate_response_code'));
  119.                 if ($e instanceof RateLimitExceptionInterface) {
  120.                     $e->setPayload($rateLimit->getPayload());
  121.                 }
  123.                 throw $e;
  124.             }
  126.             $message $this->getParameter('rate_response_message');
  127.             $code $this->getParameter('rate_response_code');
  128.             $event->setController(function () use ($message$code) {
  129.                 // @codeCoverageIgnoreStart
  130.                 return new Response($message$code);
  131.                 // @codeCoverageIgnoreEnd
  132.             });
  133.             $event->stopPropagation();
  134.         }
  136.     }
  139.     /**
  140.      * @param RateLimit[] $annotations
  141.      */
  142.     protected function findBestMethodMatch(Request $request, array $annotations)
  143.     {
  144.         // Empty array, check the path limits
  145.         if (count($annotations) == 0) {
  146.             return $this->pathLimitProcessor->getRateLimit($request);
  147.         }
  149.         $best_match null;
  150.         foreach ($annotations as $annotation) {
  151.             // cast methods to array, even method holds a string
  152.             $methods is_array($annotation->getMethods()) ? $annotation->getMethods() : array($annotation->getMethods());
  154.             if (in_array($request->getMethod(), $methods)) {
  155.                 $best_match $annotation;
  156.             }
  158.             // Only match "default" annotation when we don't have a best match
  159.             if (count($annotation->getMethods()) == && $best_match == null) {
  160.                 $best_match $annotation;
  161.             }
  162.         }
  164.         return $best_match;
  165.     }
  167.     /**
  168.      * @param ControllerEvent|FilterControllerEvent $event
  169.      * @param RateLimit $rateLimit
  170.      * @param array $annotations
  171.      * @return string
  172.      */
  173.     private function getKey($eventRateLimit $rateLimit, array $annotations)
  174.     {
  175.         // Let listeners manipulate the key
  176.         $keyEvent = new GenerateKeyEvent($event->getRequest(), ''$rateLimit->getPayload());
  178.         $rateLimitMethods implode('.'$rateLimit->getMethods());
  179.         $keyEvent->addToKey($rateLimitMethods);
  181.         $rateLimitAlias count($annotations) === 0
  182.             str_replace('/''.'$this->pathLimitProcessor->getMatchedPath($event->getRequest()))
  183.             : $this->getAliasForRequest($event);
  184.         $keyEvent->addToKey($rateLimitAlias);
  186.         $this->dispatch(RateLimitEvents::GENERATE_KEY$keyEvent);
  188.         return $keyEvent->getKey();
  189.     }
  191.     /**
  192.      * @param string $route
  193.      * @param ControllerEvent|FilterControllerEvent $controller
  194.      * @return mixed|string
  195.      */
  196.     private function getAliasForRequest($event)
  197.     {
  198.         if (($route $event->getRequest()->attributes->get('_route'))) {
  199.             return $route;
  200.         }
  202.         $controller $event->getController();
  204.         if (is_string($controller) && false !== strpos($controller'::')) {
  205.             $controller explode('::'$controller);
  206.         }
  208.         if (is_array($controller)) {
  209.             return str_replace('\\''.'is_string($controller[0]) ? $controller[0] : get_class($controller[0])) . '.' $controller[1];
  210.         }
  212.         if ($controller instanceof \Closure) {
  213.             return 'closure';
  214.         }
  216.         if (is_object($controller)) {
  217.             return str_replace('\\''.'get_class($controller[0]));
  218.         }
  220.         return 'other';
  221.     }
  223.     private function dispatch($eventName$event)
  224.     {
  225.         if ($this->eventDispatcher instanceof EventDispatcherInterface) {
  226.             // Symfony >= 4.3
  227.             $this->eventDispatcher->dispatch($event$eventName);
  228.         } else {
  229.             // Symfony 3.4
  230.             $this->eventDispatcher->dispatch($eventName$event);
  231.         }
  232.     }
  234. }