Tenant
in package
Resolves tenant information from HTTP requests.
Table of Contents
- MAX_TENANT_ID_LENGTH = 63
- MIN_TENANT_ID_LENGTH = 1
- TENANT_ID_PATTERN = '/^[a-z0-9]([a-z0-9\\-]{0,61}[a-z0-9])?$/'
- $allowedTenantIds : array<string|int, string>
- $logger : LoggerInterface
- $reservedSubdomains : array<string|int, string>
- $trustedHosts : array<string|int, string>
- __construct() : mixed
- resolveTenantFromRequest() : null|TenantInfo
- Resolves tenant information from the request.
- containsSuspiciousPatterns() : bool
- Checks for suspicious patterns in the host.
- extractAndValidateHost() : string
- Extracts and validates the host from the request.
- extractTenantIdFromHost() : null|string
- Extracts tenant ID from host.
- getClientIp() : string
- Extracts client IP for logging purposes.
- isHostTrusted() : bool
- Checks if host is in the trusted hosts list.
- isValidHostFormat() : bool
- Validates host format according to RFC standards.
- isValidTenantId() : bool
- Validates if a tenant ID is valid and allowed.
- logSecurityEvent() : void
- Logs security-related events.
Constants
MAX_TENANT_ID_LENGTH
private
mixed
MAX_TENANT_ID_LENGTH
= 63
MIN_TENANT_ID_LENGTH
private
mixed
MIN_TENANT_ID_LENGTH
= 1
TENANT_ID_PATTERN
private
mixed
TENANT_ID_PATTERN
= '/^[a-z0-9]([a-z0-9\\-]{0,61}[a-z0-9])?$/'
Properties
$allowedTenantIds
private
array<string|int, string>
$allowedTenantIds
$logger
private
LoggerInterface
$logger
$reservedSubdomains
private
array<string|int, string>
$reservedSubdomains
$trustedHosts
private
array<string|int, string>
$trustedHosts
Methods
__construct()
public
__construct([array<string|int, string> $allowedTenantIds = [] ][, array<string|int, string> $reservedSubdomains = ['www', 'api', 'admin', 'app', 'mail', 'ftp', 'blog'] ][, array<string|int, string> $trustedHosts = [] ][, null|LoggerInterface $logger = null ]) : mixed
Parameters
- $allowedTenantIds : array<string|int, string> = []
-
List of valid tenant IDs
- $reservedSubdomains : array<string|int, string> = ['www', 'api', 'admin', 'app', 'mail', 'ftp', 'blog']
-
Subdomains that cannot be used as tenant IDs
- $trustedHosts : array<string|int, string> = []
-
List of trusted host patterns
- $logger : null|LoggerInterface = null
-
Logger for security events
Return values
mixed —resolveTenantFromRequest()
Resolves tenant information from the request.
public
resolveTenantFromRequest(ServerRequestInterface $request) : null|TenantInfo
Parameters
- $request : ServerRequestInterface
-
The HTTP request
Tags
Return values
null|TenantInfo —Tenant information or null if not found/invalid
containsSuspiciousPatterns()
Checks for suspicious patterns in the host.
private
containsSuspiciousPatterns(string $host) : bool
Parameters
- $host : string
-
The host to check
Return values
bool —True if suspicious patterns detected
extractAndValidateHost()
Extracts and validates the host from the request.
private
extractAndValidateHost(ServerRequestInterface $request) : string
Parameters
- $request : ServerRequestInterface
Tags
Return values
string —The validated host
extractTenantIdFromHost()
Extracts tenant ID from host.
private
extractTenantIdFromHost(string $host) : null|string
Parameters
- $host : string
-
The validated host
Return values
null|string —The tenant ID or null if not a tenant subdomain
getClientIp()
Extracts client IP for logging purposes.
private
getClientIp(ServerRequestInterface $request) : string
Parameters
- $request : ServerRequestInterface
Return values
string —The client IP address
isHostTrusted()
Checks if host is in the trusted hosts list.
private
isHostTrusted(string $host) : bool
Parameters
- $host : string
-
The host to check
Return values
bool —True if trusted
isValidHostFormat()
Validates host format according to RFC standards.
private
isValidHostFormat(string $host) : bool
Parameters
- $host : string
-
The host to validate
Return values
bool —True if valid format
isValidTenantId()
Validates if a tenant ID is valid and allowed.
private
isValidTenantId(string $tenantId) : bool
Parameters
- $tenantId : string
-
The tenant ID to validate
Return values
bool —True if valid and allowed
logSecurityEvent()
Logs security-related events.
private
logSecurityEvent(string $message[, array<string|int, mixed> $context = [] ]) : void
Parameters
- $message : string
-
The log message
- $context : array<string|int, mixed> = []
-
Additional context