diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

minor #32285 [CSRF] add more parameter types (Tobion)

Browse Source 
This PR was merged into the 5.0-dev branch.

Discussion
----------

[CSRF] add more parameter types

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks?    | no     <!-- see https://symfony.com/bc -->
| Deprecations? | /no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass?   | yes    <!-- please add some, will be required by reviewers -->
| Fixed tickets | #32179
| License       | MIT
| Doc PR        | symfony/symfony-docs#... <!-- required for new features -->

Those have been missing in #32208

Commits
-------

d442028063 [CSRF] add more parameter types
This commit is contained in:
Tobias Schultze 2019-07-02 16:53:02 +02:00
commit 393f9ae2b5
6 changed files with 17 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Component/Security/Csrf/CsrfTokenManager.php
View File

@ -114,7 +114,7 @@ class CsrfTokenManager implements CsrfTokenManagerInterface
return hash_equals($this->storage->getToken($namespacedId), $token->getValue()); return hash_equals($this->storage->getToken($namespacedId), $token->getValue());
} }
private function getNamespace() private function getNamespace(): string
{ {
return \is_callable($ns = $this->namespace) ? $ns() : $ns; return \is_callable($ns = $this->namespace) ? $ns() : $ns;
} }

2
src/Symfony/Component/Security/Csrf/CsrfTokenManagerInterface.php
View File

@ -49,8 +49,6 @@ interface CsrfTokenManagerInterface
/** /**
* Invalidates the CSRF token with the given ID, if one exists. * Invalidates the CSRF token with the given ID, if one exists.
* *
* @param string $tokenId The token ID
*
* @return string|null Returns the removed token value if one existed, NULL * @return string|null Returns the removed token value if one existed, NULL
* otherwise * otherwise
*/ */

2
src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php
View File

@ -160,6 +160,7 @@ class CsrfTokenManagerTest extends TestCase
public function testNamespaced() public function testNamespaced()
{ {
$generator = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface')->getMock(); $generator = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface')->getMock();
$generator->expects($this->once())->method('generateToken')->willReturn('random');
$storage = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface')->getMock(); $storage = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface')->getMock();
$requestStack = new RequestStack(); $requestStack = new RequestStack();
@ -169,6 +170,7 @@ class CsrfTokenManagerTest extends TestCase
$token = $manager->getToken('foo'); $token = $manager->getToken('foo');
$this->assertSame('foo', $token->getId()); $this->assertSame('foo', $token->getId());
$this->assertSame('random', $token->getValue());
} }
public function getManagerGeneratorAndStorage() public function getManagerGeneratorAndStorage()

10
src/Symfony/Component/Security/Csrf/TokenStorage/NativeSessionTokenStorage.php
View File

@ -41,7 +41,7 @@ class NativeSessionTokenStorage implements ClearableTokenStorageInterface
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getToken($tokenId) public function getToken(string $tokenId)
{ {
if (!$this->sessionStarted) { if (!$this->sessionStarted) {
$this->startSession(); $this->startSession();
@ -57,19 +57,19 @@ class NativeSessionTokenStorage implements ClearableTokenStorageInterface
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setToken($tokenId, $token) public function setToken(string $tokenId, string $token)
{ {
if (!$this->sessionStarted) { if (!$this->sessionStarted) {
$this->startSession(); $this->startSession();
} }
$_SESSION[$this->namespace][$tokenId] = (string) $token; $_SESSION[$this->namespace][$tokenId] = $token;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function hasToken($tokenId) public function hasToken(string $tokenId)
{ {
if (!$this->sessionStarted) { if (!$this->sessionStarted) {
$this->startSession(); $this->startSession();
@ -81,7 +81,7 @@ class NativeSessionTokenStorage implements ClearableTokenStorageInterface
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function removeToken($tokenId) public function removeToken(string $tokenId)
{ {
if (!$this->sessionStarted) { if (!$this->sessionStarted) {
$this->startSession(); $this->startSession();

10
src/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.php
View File

@ -44,7 +44,7 @@ class SessionTokenStorage implements ClearableTokenStorageInterface
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getToken($tokenId) public function getToken(string $tokenId)
{ {
if (!$this->session->isStarted()) { if (!$this->session->isStarted()) {
$this->session->start(); $this->session->start();
@ -60,19 +60,19 @@ class SessionTokenStorage implements ClearableTokenStorageInterface
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setToken($tokenId, $token) public function setToken(string $tokenId, string $token)
{ {
if (!$this->session->isStarted()) { if (!$this->session->isStarted()) {
$this->session->start(); $this->session->start();
} }
$this->session->set($this->namespace.'/'.$tokenId, (string) $token); $this->session->set($this->namespace.'/'.$tokenId, $token);
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function hasToken($tokenId) public function hasToken(string $tokenId)
{ {
if (!$this->session->isStarted()) { if (!$this->session->isStarted()) {
$this->session->start(); $this->session->start();
@ -84,7 +84,7 @@ class SessionTokenStorage implements ClearableTokenStorageInterface
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function removeToken($tokenId) public function removeToken(string $tokenId)
{ {
if (!$this->session->isStarted()) { if (!$this->session->isStarted()) {
$this->session->start(); $this->session->start();

17
src/Symfony/Component/Security/Csrf/TokenStorage/TokenStorageInterface.php
View File

@ -21,38 +21,29 @@ interface TokenStorageInterface
/** /**
* Reads a stored CSRF token. * Reads a stored CSRF token.
* *
* @param string $tokenId The token ID
*
* @return string The stored token * @return string The stored token
* *
* @throws \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException If the token ID does not exist * @throws \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException If the token ID does not exist
*/ */
public function getToken($tokenId); public function getToken(string $tokenId);
/** /**
* Stores a CSRF token. * Stores a CSRF token.
*
* @param string $tokenId The token ID
* @param string $token The CSRF token
*/ */
public function setToken($tokenId, $token); public function setToken(string $tokenId, string $token);
/** /**
* Removes a CSRF token. * Removes a CSRF token.
* *
* @param string $tokenId The token ID
*
* @return string|null Returns the removed token if one existed, NULL * @return string|null Returns the removed token if one existed, NULL
* otherwise * otherwise
*/ */
public function removeToken($tokenId); public function removeToken(string $tokenId);
/** /**
* Checks whether a token with the given token ID exists. * Checks whether a token with the given token ID exists.
* *
* @param string $tokenId The token ID
*
* @return bool Whether a token exists with the given ID * @return bool Whether a token exists with the given ID
*/ */
public function hasToken($tokenId); public function hasToken(string $tokenId);
} }