<?php/** * Created by PhpStorm. * User: rostandnj * Date: 22/7/19 * Time: 2:22 PM */namespace App\EventSubscriber;use App\Controller\TokenAuthenticatedController;use Symfony\Component\EventDispatcher\EventSubscriberInterface;use Symfony\Component\HttpKernel\Event\ControllerEvent;use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;use Symfony\Component\Security\Core\Exception\AccessDeniedException;use Symfony\Component\HttpKernel\KernelEvents;class XpkSubscriber implements EventSubscriberInterface{ private $xpk; public function __construct() { $this->xpk = null; } public function onKernelController(ControllerEvent $event) { $controller = $event->getController(); /* * $controller passed can be either a class or a Closure. * This is not usual in Symfony but it may happen. * If it is a class, it comes in array format */ if (!is_array($controller)) { return; } if ($controller[0] instanceof TokenAuthenticatedController ) { if($event->getRequest()->getRequestUri() !== '/') { $xpk = $event->getRequest()->headers->get('X-PK'); if ($xpk ==null) { throw new AccessDeniedException('please add X-PK in your request header'); } } } } public static function getSubscribedEvents() { return [ KernelEvents::CONTROLLER => 'onKernelController', ]; }}