Merge branch 'request-body'

* request-body:
  cs
  readme update
  clean up
  undo debug
  debug
  test
  bring content-type
  debug
  debug
  exit after send()
  re-set client headers
  debug
  register chrome-extension via onBootstrap
  handle chrome extension like Postman
  skip https test call on php < 7
  test
  keep request and metehod and re-call uri with httpsed scheme for non-empty request body

Author: samsonasik

README.md

@@ -18,6 +18,7 @@ Features
 - [x] enable/disable force https
 - [x] Force Https to All routes
 - [x] Force Https to specific routes only
+- [x] Keep header, request method, request body if http request has content (eg: on POST request method)
 
 Installation
 ------------

spec/Listener/ForceHttpsSpec.php

@@ -4,8 +4,13 @@
 
 use ForceHttpsModule\Listener\ForceHttps;
 use Kahlan\Plugin\Double;
+use Kahlan\Plugin\Quit;
+use Kahlan\QuitException;
 use Zend\Console\Console;
 use Zend\EventManager\EventManagerInterface;
+use Zend\Http\Client;
+use Zend\Http\Header\Origin;
+use Zend\Http\Headers;
 use Zend\Http\PhpEnvironment\Request;
 use Zend\Http\PhpEnvironment\Response;
 use Zend\Mvc\MvcEvent;
@@ -133,6 +138,63 @@
 
         });
 
+        it('keep request and method and re-call uri with httpsed scheme for non-empty request body', function () {
+
+            skipIf(PHP_MAJOR_VERSION < 7);
+            Quit::disable();
+
+            Console::overrideIsConsole(false);
+            $listener = new ForceHttps([
+                'enable'                => true,
+                'force_all_routes'      => true,
+                'force_specific_routes' => [],
+            ]);
+
+            $mvcEvent       = Double::instance(['extends' => MvcEvent::class, 'methods' => '__construct']);
+            $response       = Double::instance(['extends' => Response::class]);
+            $request        = Double::instance(['extends' => Request::class]);
+            $uri            = Double::instance(['extends' => Uri::class]);
+            $client         = Double::instance(['extends' => Client::class]);
+            $clientResponse = Double::instance(['extends' => Response::class]);
+
+            allow($mvcEvent)->toReceive('getRequest')->andReturn($request);
+            allow($request)->toReceive('getUri')->andReturn($uri);
+            allow($uri)->toReceive('getScheme')->andReturn('http');
+            allow($mvcEvent)->toReceive('getRouteMatch', 'getMatchedRouteName')->andReturn('api');
+            allow($uri)->toReceive('setScheme')->with('https')->andReturn($uri);
+            allow($uri)->toReceive('toString')->andReturn('https://example.com/api');
+            allow($mvcEvent)->toReceive('getResponse')->andReturn($response);
+
+            $headers = new Headers();
+            allow($headers)->toReceive('toArray')->andReturn([
+                'Origin' => 'chrome-extension: //random',
+                'Content-Type' => 'application/json',
+            ]);
+
+            allow($request)->toReceive('getContent')->andReturn('{"foo":"fooValue"}');
+            allow($request)->toReceive('getMethod')->andReturn('POST');
+            allow($request)->toReceive('getHeaders')->andReturn($headers);
+
+            allow($client)->toReceive('setUri')->with('https://example.com/about');
+            allow($client)->toReceive('setMethod')->with('POST');
+            allow($client)->toReceive('setRawBody')->with('{"foo":"fooValue"}');
+            allow($client)->toReceive('setHeaders')->with($request->getHeaders());
+
+            allow($clientResponse)->toReceive('getBody')->andReturn('{}');
+            allow($clientResponse)->toReceive('getStatusCode')->andReturn(200);
+            allow($client)->toReceive('send')->andReturn($clientResponse);
+
+            allow($response)->toReceive('setStatusCode')->with(200)->andReturn($response);
+            allow($response)->toReceive('send');
+
+            expect($mvcEvent)->toReceive('getResponse');
+            $closure = function() use ($listener, $mvcEvent){
+                $listener->forceHttpsScheme($mvcEvent);
+            };
+            expect($closure)->toThrow(new QuitException());
+
+        });
+
     });
 
 });

src/Listener/ForceHttps.php

@@ -5,6 +5,8 @@
 use Zend\Console\Console;
 use Zend\EventManager\AbstractListenerAggregate;
 use Zend\EventManager\EventManagerInterface;
+use Zend\Http\Client;
+use Zend\Http\Header\Origin;
 use Zend\Mvc\MvcEvent;
 
 class ForceHttps extends AbstractListenerAggregate
@@ -43,7 +45,8 @@ public function attach(EventManagerInterface $events, $priority = 1)
      */
     public function forceHttpsScheme(MvcEvent $e)
     {
-        $uri       = $e->getRequest()->getUri();
+        $request   = $e->getRequest();
+        $uri       = $request->getUri();
         $uriScheme = $uri->getScheme();
         if ($uriScheme === 'https') {
             return;
@@ -58,9 +61,43 @@ public function forceHttpsScheme(MvcEvent $e)
             return;
         }
 
-        $httpsRequestUri = $uri->setScheme('https')->toString();
+        $response        = $e->getResponse();
+        $uriWithScheme   = $uri->setScheme('https');
+        $httpsRequestUri = $uriWithScheme->toString();
+
+        // if has request body, then
+        //    a.keep headers, request method, and body
+        //    b.call uri with https
+        if (! empty($content = $request->getContent())) {
+
+            // keep methods and body
+            $client = new Client();
+            $client->setMethod($request->getMethod());
+            $client->setRawBody($content);
+
+            // keep headers with clean up "Origin" and re-set headers
+            $requestHeaders = $request->getHeaders();
+            $headers        = $requestHeaders->toArray();
+            unset($headers['Origin']);
+            $requestHeaders->clearHeaders();
+            $requestHeaders->addHeaders($headers);
+            $requestHeaders->addHeader(new Origin($uriScheme . '://' . $uri->getHost()));
+            $client->setHeaders($requestHeaders);
+
+            // call uri with https
+            $client->setUri($httpsRequestUri);
+            $result  = $client->send();
+
+            // send response
+            $response->setContent($result->getBody());
+            $response->setStatusCode($result->getStatusCode());
+            $response->getHeaders()
+                     ->addHeaderLine('Content-Type', $headers['Content-Type']);
+
+            $response->send();
+            exit(0);
+        }
 
-        $response = $e->getResponse();
         $response->setStatusCode(302);
         $response->getHeaders()
                  ->addHeaderLine('Location', $httpsRequestUri);