vendor/shopware/core/Framework/Webhook/WebhookDispatcher.php line 94

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Webhook;
  5. use Doctrine\DBAL\Connection;
  6. use GuzzleHttp\Client;
  7. use GuzzleHttp\Pool;
  8. use GuzzleHttp\Psr7\Request;
  9. use Shopware\Core\DevOps\Environment\EnvironmentHelper;
  10. use Shopware\Core\Framework\App\AppLocaleProvider;
  11. use Shopware\Core\Framework\App\Event\AppChangedEvent;
  12. use Shopware\Core\Framework\App\Event\AppDeletedEvent;
  13. use Shopware\Core\Framework\App\Event\AppFlowActionEvent;
  14. use Shopware\Core\Framework\App\Exception\AppUrlChangeDetectedException;
  15. use Shopware\Core\Framework\App\Hmac\Guzzle\AuthMiddleware;
  16. use Shopware\Core\Framework\App\Hmac\RequestSigner;
  17. use Shopware\Core\Framework\App\ShopId\ShopIdProvider;
  18. use Shopware\Core\Framework\Context;
  19. use Shopware\Core\Framework\DataAbstractionLayer\EntityRepositoryInterface;
  20. use Shopware\Core\Framework\DataAbstractionLayer\Event\EntityWrittenContainerEvent;
  21. use Shopware\Core\Framework\DataAbstractionLayer\Search\Criteria;
  22. use Shopware\Core\Framework\DataAbstractionLayer\Search\Filter\EqualsFilter;
  23. use Shopware\Core\Framework\Event\BusinessEventInterface;
  24. use Shopware\Core\Framework\Event\FlowEventAware;
  25. use Shopware\Core\Framework\Feature;
  26. use Shopware\Core\Framework\Uuid\Uuid;
  27. use Shopware\Core\Framework\Webhook\EventLog\WebhookEventLogDefinition;
  28. use Shopware\Core\Framework\Webhook\Hookable\HookableEventFactory;
  29. use Shopware\Core\Framework\Webhook\Message\WebhookEventMessage;
  30. use Shopware\Core\Profiling\Profiler;
  31. use Symfony\Component\DependencyInjection\ContainerInterface;
  32. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  33. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  34. use Symfony\Component\Messenger\MessageBusInterface;
  36. class WebhookDispatcher implements EventDispatcherInterface
  37. {
  38.     private EventDispatcherInterface $dispatcher;
  40.     private Connection $connection;
  42.     private ?WebhookCollection $webhooks null;
  44.     private Client $guzzle;
  46.     private string $shopUrl;
  48.     private ContainerInterface $container;
  50.     private array $privileges = [];
  52.     private HookableEventFactory $eventFactory;
  54.     private string $shopwareVersion;
  56.     private MessageBusInterface $bus;
  58.     private bool $isAdminWorkerEnabled;
  60.     /**
  61.      * @internal
  62.      */
  63.     public function __construct(
  64.         EventDispatcherInterface $dispatcher,
  65.         Connection $connection,
  66.         Client $guzzle,
  67.         string $shopUrl,
  68.         ContainerInterface $container,
  69.         HookableEventFactory $eventFactory,
  70.         string $shopwareVersion,
  71.         MessageBusInterface $bus,
  72.         bool $isAdminWorkerEnabled
  73.     ) {
  74.         $this->dispatcher $dispatcher;
  75.         $this->connection $connection;
  76.         $this->guzzle $guzzle;
  77.         $this->shopUrl $shopUrl;
  78.         // inject container, so we can later get the ShopIdProvider and the webhook repository
  79.         // ShopIdProvider, AppLocaleProvider and webhook repository can not be injected directly as it would lead to a circular reference
  80.         $this->container $container;
  81.         $this->eventFactory $eventFactory;
  82.         $this->shopwareVersion $shopwareVersion;
  83.         $this->bus $bus;
  84.         $this->isAdminWorkerEnabled $isAdminWorkerEnabled;
  85.     }
  87.     /**
  88.      * @template TEvent of object
  89.      *
  90.      * @param TEvent $event
  91.      *
  92.      * @return TEvent
  93.      */
  94.     public function dispatch($event, ?string $eventName null): object
  95.     {
  96.         $event $this->dispatcher->dispatch($event$eventName);
  98.         if (EnvironmentHelper::getVariable('DISABLE_EXTENSIONS'false)) {
  99.             return $event;
  100.         }
  102.         foreach ($this->eventFactory->createHookablesFor($event) as $hookable) {
  103.             $context Context::createDefaultContext();
  104.             if (Feature::isActive('FEATURE_NEXT_17858')) {
  105.                 if ($event instanceof FlowEventAware || $event instanceof AppChangedEvent || $event instanceof EntityWrittenContainerEvent) {
  106.                     $context $event->getContext();
  107.                 }
  108.             } else {
  109.                 if ($event instanceof BusinessEventInterface || $event instanceof AppChangedEvent || $event instanceof EntityWrittenContainerEvent) {
  110.                     $context $event->getContext();
  111.                 }
  112.             }
  114.             $this->callWebhooks($hookable$context);
  115.         }
  117.         // always return the original event and never our wrapped events
  118.         // this would lead to problems in the `BusinessEventDispatcher` from core
  119.         return $event;
  120.     }
  122.     /**
  123.      * @param string   $eventName
  124.      * @param callable $listener
  125.      * @param int      $priority
  126.      */
  127.     public function addListener($eventName$listener$priority 0): void
  128.     {
  129.         $this->dispatcher->addListener($eventName$listener$priority);
  130.     }
  132.     public function addSubscriber(EventSubscriberInterface $subscriber): void
  133.     {
  134.         $this->dispatcher->addSubscriber($subscriber);
  135.     }
  137.     /**
  138.      * @param string   $eventName
  139.      * @param callable $listener
  140.      */
  141.     public function removeListener($eventName$listener): void
  142.     {
  143.         $this->dispatcher->removeListener($eventName$listener);
  144.     }
  146.     public function removeSubscriber(EventSubscriberInterface $subscriber): void
  147.     {
  148.         $this->dispatcher->removeSubscriber($subscriber);
  149.     }
  151.     /**
  152.      * @param string|null $eventName
  153.      *
  154.      * @return array<array-key, array<array-key, callable>|callable>
  155.      */
  156.     public function getListeners($eventName null): array
  157.     {
  158.         return $this->dispatcher->getListeners($eventName);
  159.     }
  161.     /**
  162.      * @param string   $eventName
  163.      * @param callable $listener
  164.      */
  165.     public function getListenerPriority($eventName$listener): ?int
  166.     {
  167.         return $this->dispatcher->getListenerPriority($eventName$listener);
  168.     }
  170.     /**
  171.      * @param string|null $eventName
  172.      */
  173.     public function hasListeners($eventName null): bool
  174.     {
  175.         return $this->dispatcher->hasListeners($eventName);
  176.     }
  178.     public function clearInternalWebhookCache(): void
  179.     {
  180.         $this->webhooks null;
  181.     }
  183.     public function clearInternalPrivilegesCache(): void
  184.     {
  185.         $this->privileges = [];
  186.     }
  188.     private function callWebhooks(Hookable $eventContext $context): void
  189.     {
  190.         /** @var WebhookCollection $webhooksForEvent */
  191.         $webhooksForEvent $this->getWebhooks()->filterForEvent($event->getName());
  193.         if ($webhooksForEvent->count() === 0) {
  194.             return;
  195.         }
  197.         $affectedRoleIds $webhooksForEvent->getAclRoleIdsAsBinary();
  198.         $languageId $context->getLanguageId();
  199.         $userLocale $this->getAppLocaleProvider()->getLocaleFromContext($context);
  201.         // If the admin worker is enabled we send all events synchronously, as we can't guarantee timely delivery otherwise.
  202.         // Additionally, all app lifecycle events are sent synchronously as those can lead to nasty race conditions otherwise.
  203.         if ($this->isAdminWorkerEnabled || $event instanceof AppDeletedEvent || $event instanceof AppChangedEvent) {
  204.             Profiler::trace('webhook::dispatch-sync', function () use ($userLocale$languageId$affectedRoleIds$event$webhooksForEvent): void {
  205.                 $this->callWebhooksSynchronous($webhooksForEvent$event$affectedRoleIds$languageId$userLocale);
  206.             });
  208.             return;
  209.         }
  211.         Profiler::trace('webhook::dispatch-async', function () use ($userLocale$languageId$affectedRoleIds$event$webhooksForEvent): void {
  212.             $this->dispatchWebhooksToQueue($webhooksForEvent$event$affectedRoleIds$languageId$userLocale);
  213.         });
  214.     }
  216.     private function getWebhooks(): WebhookCollection
  217.     {
  218.         if ($this->webhooks) {
  219.             return $this->webhooks;
  220.         }
  222.         $criteria = new Criteria();
  223.         $criteria->setTitle('apps::webhooks');
  224.         $criteria->addFilter(new EqualsFilter('active'true));
  225.         $criteria->addAssociation('app');
  227.         /** @var WebhookCollection $webhooks */
  228.         $webhooks $this->container->get('webhook.repository')->search($criteriaContext::createDefaultContext())->getEntities();
  230.         return $this->webhooks $webhooks;
  231.     }
  233.     private function isEventDispatchingAllowed(WebhookEntity $webhookHookable $event, array $affectedRoles): bool
  234.     {
  235.         $app $webhook->getApp();
  237.         if ($app === null) {
  238.             return true;
  239.         }
  241.         // Only app lifecycle hooks can be received if app is deactivated
  242.         if (!$app->isActive() && !($event instanceof AppChangedEvent || $event instanceof AppDeletedEvent)) {
  243.             return false;
  244.         }
  246.         if (!($this->privileges[$event->getName()] ?? null)) {
  247.             $this->loadPrivileges($event->getName(), $affectedRoles);
  248.         }
  250.         $privileges $this->privileges[$event->getName()][$app->getAclRoleId()]
  251.             ?? new AclPrivilegeCollection([]);
  253.         if (!$event->isAllowed($app->getId(), $privileges)) {
  254.             return false;
  255.         }
  257.         return true;
  258.     }
  260.     /**
  261.      * @param array<string> $affectedRoleIds
  262.      */
  263.     private function callWebhooksSynchronous(
  264.         WebhookCollection $webhooksForEvent,
  265.         Hookable $event,
  266.         array $affectedRoleIds,
  267.         string $languageId,
  268.         string $userLocale
  269.     ): void {
  270.         $requests = [];
  272.         foreach ($webhooksForEvent as $webhook) {
  273.             if (!$this->isEventDispatchingAllowed($webhook$event$affectedRoleIds)) {
  274.                 continue;
  275.             }
  277.             try {
  278.                 $webhookData $this->getPayloadForWebhook($webhook$event);
  279.             } catch (AppUrlChangeDetectedException $e) {
  280.                 // don't dispatch webhooks for apps if url changed
  281.                 continue;
  282.             }
  284.             $timestamp time();
  285.             $webhookData['timestamp'] = $timestamp;
  287.             /** @var string $jsonPayload */
  288.             $jsonPayload json_encode($webhookData);
  290.             $headers = [
  291.                 'Content-Type' => 'application/json',
  292.                 'sw-version' => $this->shopwareVersion,
  293.                 AuthMiddleware::SHOPWARE_CONTEXT_LANGUAGE => $languageId,
  294.                 AuthMiddleware::SHOPWARE_USER_LANGUAGE => $userLocale,
  295.             ];
  297.             if ($event instanceof AppFlowActionEvent) {
  298.                 $headers array_merge($headers$event->getWebhookHeaders());
  299.             }
  301.             $request = new Request(
  302.                 'POST',
  303.                 $webhook->getUrl(),
  304.                 $headers,
  305.                 $jsonPayload
  306.             );
  308.             if ($webhook->getApp() !== null && $webhook->getApp()->getAppSecret() !== null) {
  309.                 $request $request->withHeader(
  310.                     RequestSigner::SHOPWARE_SHOP_SIGNATURE,
  311.                     (new RequestSigner())->signPayload($jsonPayload$webhook->getApp()->getAppSecret())
  312.                 );
  313.             }
  315.             $requests[] = $request;
  316.         }
  318.         if (\count($requests) > 0) {
  319.             $pool = new Pool($this->guzzle$requests);
  320.             $pool->promise()->wait();
  321.         }
  322.     }
  324.     /**
  325.      * @param array<string> $affectedRoleIds
  326.      */
  327.     private function dispatchWebhooksToQueue(
  328.         WebhookCollection $webhooksForEvent,
  329.         Hookable $event,
  330.         array $affectedRoleIds,
  331.         string $languageId,
  332.         string $userLocale
  333.     ): void {
  334.         foreach ($webhooksForEvent as $webhook) {
  335.             if (!$this->isEventDispatchingAllowed($webhook$event$affectedRoleIds)) {
  336.                 continue;
  337.             }
  339.             try {
  340.                 $webhookData $this->getPayloadForWebhook($webhook$event);
  341.             } catch (AppUrlChangeDetectedException $e) {
  342.                 // don't dispatch webhooks for apps if url changed
  343.                 continue;
  344.             }
  346.             $webhookEventId $webhookData['source']['eventId'];
  348.             $appId $webhook->getApp() !== null $webhook->getApp()->getId() : null;
  349.             $secret $webhook->getApp() !== null $webhook->getApp()->getAppSecret() : null;
  351.             $webhookEventMessage = new WebhookEventMessage(
  352.                 $webhookEventId,
  353.                 $webhookData,
  354.                 $appId,
  355.                 $webhook->getId(),
  356.                 $this->shopwareVersion,
  357.                 $webhook->getUrl(),
  358.                 $secret,
  359.                 $languageId,
  360.                 $userLocale
  361.             );
  363.             $this->logWebhookWithEvent($webhook$webhookEventMessage);
  365.             $this->bus->dispatch($webhookEventMessage);
  366.         }
  367.     }
  369.     private function getPayloadForWebhook(WebhookEntity $webhookHookable $event): array
  370.     {
  371.         if ($event instanceof AppFlowActionEvent) {
  372.             return $event->getWebhookPayload();
  373.         }
  375.         $data = [
  376.             'payload' => $event->getWebhookPayload(),
  377.             'event' => $event->getName(),
  378.         ];
  380.         $source = [
  381.             'url' => $this->shopUrl,
  382.             'eventId' => Uuid::randomHex(),
  383.         ];
  385.         if ($webhook->getApp() !== null) {
  386.             $shopIdProvider $this->getShopIdProvider();
  388.             $source['appVersion'] = $webhook->getApp()->getVersion();
  389.             $source['shopId'] = $shopIdProvider->getShopId();
  390.         }
  392.         return [
  393.             'data' => $data,
  394.             'source' => $source,
  395.         ];
  396.     }
  398.     private function logWebhookWithEvent(WebhookEntity $webhookWebhookEventMessage $webhookEventMessage): void
  399.     {
  400.         /** @var EntityRepositoryInterface $webhookEventLogRepository */
  401.         $webhookEventLogRepository $this->container->get('webhook_event_log.repository');
  403.         $webhookEventLogRepository->create([
  404.             [
  405.                 'id' => $webhookEventMessage->getWebhookEventId(),
  406.                 'appName' => $webhook->getApp() !== null $webhook->getApp()->getName() : null,
  407.                 'deliveryStatus' => WebhookEventLogDefinition::STATUS_QUEUED,
  408.                 'webhookName' => $webhook->getName(),
  409.                 'eventName' => $webhook->getEventName(),
  410.                 'appVersion' => $webhook->getApp() !== null $webhook->getApp()->getVersion() : null,
  411.                 'url' => $webhook->getUrl(),
  412.                 'serializedWebhookMessage' => serialize($webhookEventMessage),
  413.             ],
  414.         ], Context::createDefaultContext());
  415.     }
  417.     /**
  418.      * @param array<string> $affectedRoleIds
  419.      */
  420.     private function loadPrivileges(string $eventName, array $affectedRoleIds): void
  421.     {
  422.         $roles $this->connection->fetchAll('
  423.             SELECT `id`, `privileges`
  424.             FROM `acl_role`
  425.             WHERE `id` IN (:aclRoleIds)
  426.         ', ['aclRoleIds' => $affectedRoleIds], ['aclRoleIds' => Connection::PARAM_STR_ARRAY]);
  428.         if (!$roles) {
  429.             $this->privileges[$eventName] = [];
  430.         }
  432.         foreach ($roles as $privilege) {
  433.             $this->privileges[$eventName][Uuid::fromBytesToHex($privilege['id'])]
  434.                 = new AclPrivilegeCollection(json_decode($privilege['privileges'], true));
  435.         }
  436.     }
  438.     private function getShopIdProvider(): ShopIdProvider
  439.     {
  440.         return $this->container->get(ShopIdProvider::class);
  441.     }
  443.     private function getAppLocaleProvider(): AppLocaleProvider
  444.     {
  445.         return $this->container->get(AppLocaleProvider::class);
  446.     }
  447. }