Zend

Zend framework officially provides two types of skeleton - Zend MVC and Zend Expressive.

No matter which skeleton you are using, this guide might give you some ideas on how to implement Shieldon Firewall, not sure which way is considered best practice to Zend, you can pick one you prefer.

These ideas are:

  • PSR-7 Middleware. (Prior to Zend 3.1.0)
  • PSR-15 Middleware (Starting in Zend 3.1.0)
  • Bootstrapper.
\Shieldon\Integration\Zend\Psr7Middleware
\Shieldon\Integration\Zend\Psr15Middleware
\Shieldon\Integration\Bootstrapper

If your Zend application has CSRF protected, be sure to define a _shieldon_csrf CSRF token for Shieldon ready Middlewares.

Installation

Use PHP Composer:

composer require shieldon/shieldon

Implementing

Zend Expressive

This is an example that shows you using a PSR-15 Middleware in Zend Expressive skeleton.

1. Define a Middleware.

In your pipeline.php, add this line:

$app->pipe(\Shieldon\Integration\Zend\Psr15Middleware::class);

2. Defind a Handler.

Let's go to App/src/Handler directory and create a PHP file named FirewallPanelHandler.

Copy the text blew, paste them into that file.

<?php declare(strict_types=1);

namespace App\Handler;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Zend\Diactoros\Response;

/**
 * Firewall Panel Handler
 * If you have CSRF enabled, make sure to pass the csrf token to the control panel.
 */
class FirewallPanelHandler implements RequestHandlerInterface
{
    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $firewall = \Shieldon\Container::get('firewall');
        $controlPanel = new \Shieldon\FirewallPanel($firewall);
        $controlPanel->entry();

        return new Response();
    }
}

3. Defind a Route for Firewall Panel.

In your route.php, add this line:

$app->route('/firewall/panel', App\Handler\FirewallPanelHandler::class, ['GET', 'POST'], 'panel');

Zend MVC

Because that I am not sure how old version of Zend framework you are using. Therefore I decide to get rid of Middleware to make sure this guide will work with the most versions of Zend.

1. Before initializing Core

In your public/index.php under this line:

include __DIR__ . '/../vendor/autoload.php';

Add the following code:

/*
|--------------------------------------------------------------------------
| Run The Shieldon Firewall
|--------------------------------------------------------------------------
|
| Shieldon Firewall will watch all HTTP requests coming to your website.
|
*/

if (isset($_SERVER['REQUEST_URI'])) {

    $firewallstorage = __DIR__ . '/../data/shieldon';

    $firewall = new \Shieldon\Firewall($firewallstorage);
    $firewall->restful();
    $firewall->run();
}

The next step is to create a controller for control panel.

2. Defind a Controller.

Let's create a controller and named it with FirewallPanelController. Ths is the entry point of our Shieldon Firewall's controll panel.

<?php

namespace Application\Controller;

use Zend\Mvc\Controller\AbstractActionController;

class FirewallPanelController extends AbstractActionController
{
    /**
     * The entry point of the Firewall Panel.
     *
     * @return string
     */
    public function indexAction()
    {
       // Get Firewall instance from Shieldon Container.
       $firewall = \Shieldon\Container::get('firewall');

       // Get into the Firewall Panel.
       $controlPanel = new \Shieldon\FirewallPanel($firewall);
       $controlPanel->entry();
       exit;
    }
}

3. Defind a Route for Firewall Panel.

In your module.config.php, add the code as below.

'firewallpanel' => [
    'type' => Literal::class,
    'options' => [
        'route'    => '/firewall/panel',
        'defaults' => [
            'controller' => Controller\FirewallPanelController::class,
            'action'     => 'index',
        ],
    ],
],

You can access the Firewall Panel by /firewall/panel, to see the page, go to this URL in your browser.

https://for.example.com/firewall/panel