Fix authentication for subrequests

f95bc1a7 · Mateu Aguiló Bosch · 257cb98b · f95bc1a7 · f95bc1a7 · f95bc1a7
Unverified Commit f95bc1a7 authored Mar 24, 2017 by Mateu Aguiló Bosch
--- a/src/Blueprint/RequestTree.php
+++ b/src/Blueprint/RequestTree.php
@@ -293,6 +293,7 @@ class RequestTree {
      (array) $request->server->getIterator(),
      $content
    );
+    // Set the sub-request headers.
    foreach ($request->headers as $key => $val) {
      $new_request->headers->set($key, $val);
    }

--- a/src/Controller/FrontController.php
+++ b/src/Controller/FrontController.php
@@ -68,7 +68,7 @@ class FrontController extends ControllerBase {
      // Handle the requests for the trees at this level and gather the
      // responses.
      $level_responses = array_map(function (Request $request) {
-        return $this->httpKernel->handle($request, HttpKernelInterface::SUB_REQUEST);
+        return $this->httpKernel->handle($request, HttpKernelInterface::MASTER_REQUEST);
      }, $requests);
      $responses = array_merge(
        $responses,

--- a/src/Normalizer/JsonSubrequestDenormalizer.php
+++ b/src/Normalizer/JsonSubrequestDenormalizer.php
@@ -55,6 +55,7 @@ class JsonSubrequestDenormalizer implements DenormalizerInterface {
    $request->setSession($master_request->getSession());
    // Replace the headers by the ones in the subrequest.
    $request->headers = new HeaderBag($data['headers']);
+    $this::fixBasicAuth($request);

    // Add the content ID to the sub-request.
    $content_id = empty($data['requestId'])
@@ -116,4 +117,22 @@ class JsonSubrequestDenormalizer implements DenormalizerInterface {
    }
  }

+  /**
+   * Adds the decoded username and password headers for Basic Auth.
+   *
+   * @param \Symfony\Component\HttpFoundation\Request $request
+   *   The request to fix.
+   */
+  protected static function fixBasicAuth(Request $request) {
+    // The server will not set the PHP_AUTH_USER and PHP_AUTH_PW for the
+    // subrequests if needed.
+    if ($request->headers->has('Authorization')) {
+      $header = $request->headers->get('Authorization');
+      if (strpos($header, 'Basic ') === 0) {
+        list($user, $pass) = explode(':', base64_decode(substr($header, 6)));
+        $request->headers->set('PHP_AUTH_USER', $user);
+        $request->headers->set('PHP_AUTH_PW', $pass);
+      }
+    }
+  }
 }