queue-manager-bundle/src/Mcfedr/QueueManagerBundle/Controller/PubSubController.php at a417eb332ffb51a11f1e9ce21b77a796d27cfd73 · mcfedr/queue-manager-bundle · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?php

declare(strict_types=1);

namespace Mcfedr\QueueManagerBundle\Controller;

use Google\Auth\AccessToken;
use Mcfedr\QueueManagerBundle\Exception\UnrecoverableJobExceptionInterface;
use Mcfedr\QueueManagerBundle\Model\PubSubData;
use Mcfedr\QueueManagerBundle\Model\PubSubMessage;
use Mcfedr\QueueManagerBundle\Queue\PubSubJob;
use Mcfedr\QueueManagerBundle\Runner\JobExecutor;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Serializer\SerializerInterface;

class PubSubController extends AbstractController
{
    public const DEFAULT_AUDIENCE = 'default_audience';
    /**
     * @var JobExecutor
     */
    private $jobExecutor;
    /**
     * @var AccessToken
     */
    private $accessToken;
    /**
     * @var SerializerInterface
     */
    private $serializer;

    public function __construct(JobExecutor $jobExecutor, AccessToken $accessToken, SerializerInterface $serializer)
    {
        $this->jobExecutor = $jobExecutor;
        $this->accessToken = $accessToken;
        $this->serializer = $serializer;
    }

    /**
     * @Route("/pubsub/{queue}", name="pubsub", methods={"POST"})
     */
    public function pubsub(Request $request, string $queue)
    {
        set_time_limit(0);

        $headers = getallheaders();
        if (!($auth = $request->headers->get('Authorization')) && isset($headers['Authorization'])) {
            $auth = $headers['Authorization'];
        }

        if (!$auth) {
            throw new AccessDeniedHttpException('Authorization header not provided.');
        }
        $jwt = str_replace('Bearer ', '', $auth);

        $payload = $this->accessToken->verify($jwt);
        $audience = $this->getParameter("mcfedr_queue_manager.{$queue}.audience");
        if (!$payload || !isset($payload['aud']) || ($payload['aud'] !== $audience && self::DEFAULT_AUDIENCE !== $audience)) {
            throw new AccessDeniedHttpException('Could not verify token!');
        }

        $message = $this->serializer->deserialize($request->getContent(), PubSubMessage::class, 'json')->getMessage();

        if (!$message || !isset($message['data'])) {
            return new Response();
        }

        /** @var PubSubData $data */
        $data = $this->serializer->deserialize(base64_decode($message['data'], true), PubSubData::class, 'json');

        try {
            $this->jobExecutor->executeJob(new PubSubJob(
                $data->getName(),
                $data->getArguments(),
                null,
                $data->getRetryCount()
            ));
        } catch (UnrecoverableJobExceptionInterface $e) {
            return new Response();
        }

        return new Response();
    }
}