[FrameworkBundle] Move security-csrf configuration to PHP
This commit is contained in:
j.schmitt
parent
8df6380fc7
commit
a2d6581345
@ -288,7 +288,7 @@ class FrameworkExtension extends Extension
|
||||
if (null === $config['csrf_protection']['enabled']) {
|
||||
$config['csrf_protection']['enabled'] = $this->sessionConfigEnabled && !class_exists(FullStack::class) && interface_exists(CsrfTokenManagerInterface::class);
|
||||
}
|
||||
$this->registerSecurityCsrfConfiguration($config['csrf_protection'], $container, $loader);
|
||||
$this->registerSecurityCsrfConfiguration($config['csrf_protection'], $container, $phpLoader);
|
||||
|
||||
if ($this->isConfigEnabled($container, $config['form'])) {
|
||||
if (!class_exists('Symfony\Component\Form\Form')) {
|
||||
@ -1439,7 +1439,7 @@ class FrameworkExtension extends Extension
|
||||
}
|
||||
}
|
||||
|
||||
private function registerSecurityCsrfConfiguration(array $config, ContainerBuilder $container, XmlFileLoader $loader)
|
||||
private function registerSecurityCsrfConfiguration(array $config, ContainerBuilder $container, PhpFileLoader $phpLoader)
|
||||
{
|
||||
if (!$this->isConfigEnabled($container, $config)) {
|
||||
return;
|
||||
@ -1454,7 +1454,7 @@ class FrameworkExtension extends Extension
|
||||
}
|
||||
|
||||
// Enable services for CSRF protection (even without forms)
|
||||
$loader->load('security_csrf.xml');
|
||||
$phpLoader->load('security_csrf.php');
|
||||
|
||||
if (!class_exists(CsrfExtension::class)) {
|
||||
$container->removeDefinition('twig.extension.security_csrf');
|
||||
|
||||
@ -0,0 +1,52 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
|
||||
|
||||
use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
|
||||
use Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator;
|
||||
use Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface;
|
||||
use Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage;
|
||||
use Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface;
|
||||
use Symfony\Component\Security\Csrf\CsrfTokenManager;
|
||||
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
|
||||
use Symfony\Bridge\Twig\Extension\CsrfRuntime;
|
||||
use Symfony\Bridge\Twig\Extension\CsrfExtension;
|
||||
|
||||
return static function (ContainerConfigurator $container) {
|
||||
$container->services()
|
||||
->set('security.csrf.token_generator', UriSafeTokenGenerator::class)
|
||||
|
||||
->alias(TokenGeneratorInterface::class, 'security.csrf.token_generator')
|
||||
|
||||
->set('security.csrf.token_storage', SessionTokenStorage::class)
|
||||
->args([service('session')])
|
||||
|
||||
->alias(TokenStorageInterface::class, 'security.csrf.token_storage')
|
||||
|
||||
->set('security.csrf.token_manager', CsrfTokenManager::class)
|
||||
->public()
|
||||
->args([
|
||||
service('security.csrf.token_generator'),
|
||||
service('security.csrf.token_storage'),
|
||||
service('request_stack')->ignoreOnInvalid()
|
||||
])
|
||||
|
||||
->alias(CsrfTokenManagerInterface::class, 'security.csrf.token_manager')
|
||||
|
||||
->set('twig.runtime.security_csrf', CsrfRuntime::class)
|
||||
->args([service('security.csrf.token_manager')])
|
||||
->tag('twig.runtime')
|
||||
|
||||
->set('twig.extension.security_csrf', CsrfExtension::class)
|
||||
->tag('twig.extension')
|
||||
;
|
||||
};
|
||||
@ -1,34 +0,0 @@
|
||||
<?xml version="1.0" ?>
|
||||
|
||||
<container xmlns="http://symfony.com/schema/dic/services"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://symfony.com/schema/dic/services https://symfony.com/schema/dic/services/services-1.0.xsd">
|
||||
|
||||
<services>
|
||||
<defaults public="false" />
|
||||
|
||||
<service id="security.csrf.token_generator" class="Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator" />
|
||||
<service id="Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface" alias="security.csrf.token_generator" />
|
||||
|
||||
<service id="security.csrf.token_storage" class="Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage">
|
||||
<argument type="service" id="session" />
|
||||
</service>
|
||||
<service id="Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface" alias="security.csrf.token_storage" />
|
||||
|
||||
<service id="security.csrf.token_manager" class="Symfony\Component\Security\Csrf\CsrfTokenManager" public="true">
|
||||
<argument type="service" id="security.csrf.token_generator" />
|
||||
<argument type="service" id="security.csrf.token_storage" />
|
||||
<argument type="service" id="request_stack" on-invalid="ignore" />
|
||||
</service>
|
||||
<service id="Symfony\Component\Security\Csrf\CsrfTokenManagerInterface" alias="security.csrf.token_manager" />
|
||||
|
||||
<service id="twig.runtime.security_csrf" class="Symfony\Bridge\Twig\Extension\CsrfRuntime">
|
||||
<tag name="twig.runtime" />
|
||||
<argument type="service" id="security.csrf.token_manager" />
|
||||
</service>
|
||||
|
||||
<service id="twig.extension.security_csrf" class="Symfony\Bridge\Twig\Extension\CsrfExtension">
|
||||
<tag name="twig.extension" />
|
||||
</service>
|
||||
</services>
|
||||
</container>
|
||||
Reference in New Issue
Block a user