Merge pull request #18 from saasus-platform/feature/req-with-referer

Set Referer header when calling userinfo API in Auth middleware
saasus-platform · Aug 24, 2023 · 77f570f · 77f570f
2 parents db9de85 + 9bf23a6
commit 77f570f
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 3 deletions.
diff --git a/src/Api/Client.php b/src/Api/Client.php
@@ -27,8 +27,9 @@ class Client
     protected string $saasid;
     protected string $apikey;
     protected string $apibase;
+    protected string $referer;
 
-    function __construct()
+    function __construct($referer = "")
     {
         $this->secret = getenv('SAASUS_SECRET_KEY');
         $this->saasid = getenv('SAASUS_SAAS_ID');
@@ -43,11 +44,14 @@ function __construct()
             $this->apibase = "https://api.saasus.io";
         }
 
+        $this->referer = $referer;
+
         $handlers = HandlerStack::create();
         $handlers->push(new GuzzleMiddleware(
             $this->secret,
             $this->saasid,
             $this->apikey,
+            $this->referer
         ));
 
         $this->guzzleClient = new GuzzleClient(

diff --git a/src/Api/GuzzleMiddleware.php b/src/Api/GuzzleMiddleware.php
@@ -9,12 +9,14 @@ class GuzzleMiddleware
     protected string $secret;
     protected string $saasid;
     protected string $apikey;
+    protected string $referer;
 
-    function __construct($secret = "", $saasid = "", $apikey = "")
+    function __construct($secret = "", $saasid = "", $apikey = "", $referer = "")
     {
         $this->secret = $secret;
         $this->saasid = $saasid;
         $this->apikey = $apikey;
+        $this->referer = $referer;
     }
 
     public function __invoke(callable $next)
@@ -36,6 +38,9 @@ public function execute(\Psr\Http\Message\RequestInterface $req, array $options)
             $req->getBody()
         );
         $req = $req->withHeader('Authorization', $header);
+        if (!empty($this->referer)) {
+            $req = $req->withHeader('Referer', $this->referer);
+        }
 
         return call_user_func($this->next, $req, $options);
     }

diff --git a/src/Laravel/Middleware/Auth.php b/src/Laravel/Middleware/Auth.php
@@ -36,8 +36,13 @@ public function handle(Request $request, Closure $next)
             }
         }
 
+        $referer = $request->headers->get('referer');
+        if (empty($referer)) {
+            $referer = "";
+        }
+
         // リクエスト送信
-        $client = new ApiClient();
+        $client = new ApiClient($referer);
         $authApiClient = $client->getAuthClient();
         try {
             $response = $authApiClient->getUserInfo(['token' => $token], $authApiClient::FETCH_RESPONSE);