<?php
declare(strict_types=1);
namespace App\Subscriber;
use App\Exception\Auth\AuthenticationFailedException;
use Flagception\Manager\FeatureManagerInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\KernelEvents;
class SecurityKeySubscriber implements EventSubscriberInterface
{
private FeatureManagerInterface $manager;
public function __construct(FeatureManagerInterface $manager)
{
$this->manager = $manager;
}
public function onKernelRequest(RequestEvent $event)
{
$request = $event->getRequest();
$featureName = $request->attributes->get('_feature');
$securityKey = $request->headers->get('authorization');
$additionalInfo = [
'feature' => $featureName,
];
if ($featureName && $this->manager->isActive($featureName) && $securityKey !== getenv(strtoupper($featureName) . '_SECURITY_KEY')) {
throw new AuthenticationFailedException($additionalInfo);
}
}
public static function getSubscribedEvents()
{
return [
KernelEvents::REQUEST => [['onKernelRequest', 19]],
];
}
}