minor #32285 [CSRF] add more parameter types (Tobion)
This PR was merged into the 5.0-dev branch.
Discussion
----------
[CSRF] add more parameter types
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | /no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #32179
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
These were missed in #32208
Commits
-------
d442028063
[CSRF] add more parameter types
commit
393f9ae2b5
@ -114,7 +114,7 @@ class CsrfTokenManager implements CsrfTokenManagerInterface
|
|||||||
return hash_equals($this->storage->getToken($namespacedId), $token->getValue());
|
return hash_equals($this->storage->getToken($namespacedId), $token->getValue());
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getNamespace()
|
private function getNamespace(): string
|
||||||
{
|
{
|
||||||
return \is_callable($ns = $this->namespace) ? $ns() : $ns;
|
return \is_callable($ns = $this->namespace) ? $ns() : $ns;
|
||||||
}
|
}
|
||||||
|
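Review bot: The new `: string` return type on getNamespace() is only as strong as what `$this->namespace` holds, because the body returns either that value or the unchecked result of calling it. A namespace callable that yields null or an array would now raise a TypeError from this method; whether the constructor rules that out is not visible in the hunk. I would state the contract on the method, e.g. `// A namespace callable must return a string; any other result is a TypeError here.` It is also worth confirming that a plain string namespace can never name an existing function, since `\is_callable()` is true for such strings and the value would then be invoked instead of returned.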
@ -49,8 +49,6 @@ interface CsrfTokenManagerInterface
|
|||||||
/**
|
/**
|
||||||
* Invalidates the CSRF token with the given ID, if one exists.
|
* Invalidates the CSRF token with the given ID, if one exists.
|
||||||
*
|
*
|
||||||
* @param string $tokenId The token ID
|
|
||||||
*
|
|
||||||
* @return string|null Returns the removed token value if one existed, NULL
|
* @return string|null Returns the removed token value if one existed, NULL
|
||||||
* otherwise
|
* otherwise
|
||||||
*/
|
*/
|
||||||
|
@ -160,6 +160,7 @@ class CsrfTokenManagerTest extends TestCase
|
|||||||
public function testNamespaced()
|
public function testNamespaced()
|
||||||
{
|
{
|
||||||
$generator = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface')->getMock();
|
$generator = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface')->getMock();
|
||||||
|
$generator->expects($this->once())->method('generateToken')->willReturn('random');
|
||||||
$storage = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface')->getMock();
|
$storage = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface')->getMock();
|
||||||
|
|
||||||
$requestStack = new RequestStack();
|
$requestStack = new RequestStack();
|
||||||
@ -169,6 +170,7 @@ class CsrfTokenManagerTest extends TestCase
|
|||||||
|
|
||||||
$token = $manager->getToken('foo');
|
$token = $manager->getToken('foo');
|
||||||
$this->assertSame('foo', $token->getId());
|
$this->assertSame('foo', $token->getId());
|
||||||
|
$this->assertSame('random', $token->getValue());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getManagerGeneratorAndStorage()
|
public function getManagerGeneratorAndStorage()
|
||||||
|
@ -41,7 +41,7 @@ class NativeSessionTokenStorage implements ClearableTokenStorageInterface
|
|||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function getToken($tokenId)
|
public function getToken(string $tokenId)
|
||||||
{
|
{
|
||||||
if (!$this->sessionStarted) {
|
if (!$this->sessionStarted) {
|
||||||
$this->startSession();
|
$this->startSession();
|
||||||
@ -57,19 +57,19 @@ class NativeSessionTokenStorage implements ClearableTokenStorageInterface
|
|||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function setToken($tokenId, $token)
|
public function setToken(string $tokenId, string $token)
|
||||||
{
|
{
|
||||||
if (!$this->sessionStarted) {
|
if (!$this->sessionStarted) {
|
||||||
$this->startSession();
|
$this->startSession();
|
||||||
}
|
}
|
||||||
|
|
||||||
$_SESSION[$this->namespace][$tokenId] = (string) $token;
|
$_SESSION[$this->namespace][$tokenId] = $token;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function hasToken($tokenId)
|
public function hasToken(string $tokenId)
|
||||||
{
|
{
|
||||||
if (!$this->sessionStarted) {
|
if (!$this->sessionStarted) {
|
||||||
$this->startSession();
|
$this->startSession();
|
||||||
@ -81,7 +81,7 @@ class NativeSessionTokenStorage implements ClearableTokenStorageInterface
|
|||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function removeToken($tokenId)
|
public function removeToken(string $tokenId)
|
||||||
{
|
{
|
||||||
if (!$this->sessionStarted) {
|
if (!$this->sessionStarted) {
|
||||||
$this->startSession();
|
$this->startSession();
|
||||||
|
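Review bot: setToken() now stores `$token` unchecked, and the new `string $token` declaration still admits `''` even though it rejects the null that the removed `(string)` cast used to turn into an empty string. The manager compares the stored and submitted values with hash_equals(), so an empty stored token would compare equal to an empty submitted value. A guard such as `if ('' === $token) { throw new \InvalidArgumentException('The CSRF token must not be empty.'); }` before the assignment would make that case fail closed. No `declare(strict_types=1)` is visible in the hunk, so ints, bools and stringable objects are presumably still coerced rather than rejected. The same applies to SessionTokenStorage::setToken().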
@ -44,7 +44,7 @@ class SessionTokenStorage implements ClearableTokenStorageInterface
|
|||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function getToken($tokenId)
|
public function getToken(string $tokenId)
|
||||||
{
|
{
|
||||||
if (!$this->session->isStarted()) {
|
if (!$this->session->isStarted()) {
|
||||||
$this->session->start();
|
$this->session->start();
|
||||||
@ -60,19 +60,19 @@ class SessionTokenStorage implements ClearableTokenStorageInterface
|
|||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function setToken($tokenId, $token)
|
public function setToken(string $tokenId, string $token)
|
||||||
{
|
{
|
||||||
if (!$this->session->isStarted()) {
|
if (!$this->session->isStarted()) {
|
||||||
$this->session->start();
|
$this->session->start();
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->session->set($this->namespace.'/'.$tokenId, (string) $token);
|
$this->session->set($this->namespace.'/'.$tokenId, $token);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function hasToken($tokenId)
|
public function hasToken(string $tokenId)
|
||||||
{
|
{
|
||||||
if (!$this->session->isStarted()) {
|
if (!$this->session->isStarted()) {
|
||||||
$this->session->start();
|
$this->session->start();
|
||||||
@ -84,7 +84,7 @@ class SessionTokenStorage implements ClearableTokenStorageInterface
|
|||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* {@inheritdoc}
|
||||||
*/
|
*/
|
||||||
public function removeToken($tokenId)
|
public function removeToken(string $tokenId)
|
||||||
{
|
{
|
||||||
if (!$this->session->isStarted()) {
|
if (!$this->session->isStarted()) {
|
||||||
$this->session->start();
|
$this->session->start();
|
||||||
|
@ -21,38 +21,29 @@ interface TokenStorageInterface
|
|||||||
/**
|
/**
|
||||||
* Reads a stored CSRF token.
|
* Reads a stored CSRF token.
|
||||||
*
|
*
|
||||||
* @param string $tokenId The token ID
|
|
||||||
*
|
|
||||||
* @return string The stored token
|
* @return string The stored token
|
||||||
*
|
*
|
||||||
* @throws \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException If the token ID does not exist
|
* @throws \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException If the token ID does not exist
|
||||||
*/
|
*/
|
||||||
public function getToken($tokenId);
|
public function getToken(string $tokenId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Stores a CSRF token.
|
* Stores a CSRF token.
|
||||||
*
|
|
||||||
* @param string $tokenId The token ID
|
|
||||||
* @param string $token The CSRF token
|
|
||||||
*/
|
*/
|
||||||
public function setToken($tokenId, $token);
|
public function setToken(string $tokenId, string $token);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Removes a CSRF token.
|
* Removes a CSRF token.
|
||||||
*
|
*
|
||||||
* @param string $tokenId The token ID
|
|
||||||
*
|
|
||||||
* @return string|null Returns the removed token if one existed, NULL
|
* @return string|null Returns the removed token if one existed, NULL
|
||||||
* otherwise
|
* otherwise
|
||||||
*/
|
*/
|
||||||
public function removeToken($tokenId);
|
public function removeToken(string $tokenId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks whether a token with the given token ID exists.
|
* Checks whether a token with the given token ID exists.
|
||||||
*
|
*
|
||||||
* @param string $tokenId The token ID
|
|
||||||
*
|
|
||||||
* @return bool Whether a token exists with the given ID
|
* @return bool Whether a token exists with the given ID
|
||||||
*/
|
*/
|
||||||
public function hasToken($tokenId);
|
public function hasToken(string $tokenId);
|
||||||
}
|
}
|
||||||
|