<?php
namespace Cms\DomainBundle\Controller;
use Cms\CoreBundle\Util\Controller;
use Cms\DomainBundle\Entity\Domain;
use Cms\DomainBundle\Entity\SslCertificates\LetsEncryptSslCertificate;
use Cms\DomainBundle\Service\Managers\SslCertificateManagers\LetsEncryptSslCertificateManager;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
/**
 * Serves the HTTP-01 challenge response for a domain's pending Let's Encrypt certificate.
 *
 * @package Cms\DomainBundle\Controller
 */
final class LetsEncryptController extends Controller
{
    /**
     * Returns the stored challenge payload when the request matches a pending
     * HTTP-01 verification for the requested host.
     *
     * Every failed check raises the same bare NotFoundHttpException, so the
     * exception itself does not tell the caller which check failed (unknown
     * host, no pending certificate, different challenge type or wrong token).
     *
     * @param Request $request
     * @param string $token presumably the token segment of the challenge URL; the route is not visible here
     * @return Response plain-text response carrying the stored payload
     * @throws NotFoundHttpException when any of the checks fails
     */
    public function verifyChallengeAction(Request $request, $token)
    {
        // The host is taken from the request, so it is client-controlled; in this
        // method it is used only as a lookup key.
        // NOTE(review): findOneByHost() is defined outside this file - confirm how it builds its query.
        $hostname = $request->getHost();
        $matchedDomain = $this->getEntityManager()
            ->getRepository(Domain::class)
            ->findOneByHost($hostname);
        if (!$matchedDomain) {
            throw new NotFoundHttpException();
        }

        // Only a pending Let's Encrypt certificate can have a challenge to answer.
        $pending = $this->getLetsEncryptSslCertificateManager()->getPendingCertificate($matchedDomain);
        if (!($pending instanceof LetsEncryptSslCertificate)) {
            throw new NotFoundHttpException();
        }

        $state = $pending->getState();

        // The stored state must be waiting on an HTTP-01 challenge specifically.
        if ($state->getChallenge() !== LetsEncryptSslCertificateManager::CHALLENGES__HTTP_01) {
            throw new NotFoundHttpException();
        }

        // Strict comparison: the stored token and the supplied one must agree in
        // both type and value.
        if ($state->getToken() !== $token) {
            throw new NotFoundHttpException();
        }

        // The body comes from the certificate state rather than from the request,
        // and is served as text/plain.
        return new Response(
            $state->getPayload(),
            Response::HTTP_OK,
            [
                'Content-Type' => 'text/plain',
            ]
        );
    }

    /**
     * Fetches the certificate manager through the inherited get().
     *
     * The identifier passed is this method's qualified name (__METHOD__).
     * NOTE(review): how get() resolves that identifier is defined outside this
     * file - confirm against the base controller.
     *
     * @return LetsEncryptSslCertificateManager
     */
    private function getLetsEncryptSslCertificateManager(): LetsEncryptSslCertificateManager
    {
        return $this->get(__METHOD__);
    }
}