minor #37206 [FrameworkBundle] Move security-csrf configuration to PHP (j.schmitt)
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move security-csrf configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Moving security-csrf configuration in framework bundle to PHP.
Commits
-------
a2d6581345
[FrameworkBundle] Move security-csrf configuration to PHP
commit
c48a30e012
@ -288,7 +288,7 @@ class FrameworkExtension extends Extension
|
|||||||
if (null === $config['csrf_protection']['enabled']) {
|
if (null === $config['csrf_protection']['enabled']) {
|
||||||
$config['csrf_protection']['enabled'] = $this->sessionConfigEnabled && !class_exists(FullStack::class) && interface_exists(CsrfTokenManagerInterface::class);
|
$config['csrf_protection']['enabled'] = $this->sessionConfigEnabled && !class_exists(FullStack::class) && interface_exists(CsrfTokenManagerInterface::class);
|
||||||
}
|
}
|
||||||
$this->registerSecurityCsrfConfiguration($config['csrf_protection'], $container, $loader);
|
$this->registerSecurityCsrfConfiguration($config['csrf_protection'], $container, $phpLoader);
|
||||||
|
|
||||||
if ($this->isConfigEnabled($container, $config['form'])) {
|
if ($this->isConfigEnabled($container, $config['form'])) {
|
||||||
if (!class_exists('Symfony\Component\Form\Form')) {
|
if (!class_exists('Symfony\Component\Form\Form')) {
|
||||||
@ -1439,7 +1439,7 @@ class FrameworkExtension extends Extension
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private function registerSecurityCsrfConfiguration(array $config, ContainerBuilder $container, XmlFileLoader $loader)
|
private function registerSecurityCsrfConfiguration(array $config, ContainerBuilder $container, PhpFileLoader $phpLoader)
|
||||||
{
|
{
|
||||||
if (!$this->isConfigEnabled($container, $config)) {
|
if (!$this->isConfigEnabled($container, $config)) {
|
||||||
return;
|
return;
|
||||||
@ -1454,7 +1454,7 @@ class FrameworkExtension extends Extension
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Enable services for CSRF protection (even without forms)
|
// Enable services for CSRF protection (even without forms)
|
||||||
$loader->load('security_csrf.xml');
|
$phpLoader->load('security_csrf.php');
|
||||||
|
|
||||||
if (!class_exists(CsrfExtension::class)) {
|
if (!class_exists(CsrfExtension::class)) {
|
||||||
$container->removeDefinition('twig.extension.security_csrf');
|
$container->removeDefinition('twig.extension.security_csrf');
|
||||||
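Review bot: The default computed in the first hunk, `$this->sessionConfigEnabled && !class_exists(FullStack::class) && interface_exists(CsrfTokenManagerInterface::class)`, decides whether CSRF protection is on when the option is left unset, and nothing on the line says so. Since this commit touches the call directly below it, a short comment would make the default explicit, for example `// unset => enabled only with sessions configured, security-csrf installed and no FullStack class`. Both the surrounding method and `registerSecurityCsrfConfiguration` continue outside the hunks shown, so whether the disabled case is reported to the user cannot be judged from here.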
|
@ -0,0 +1,52 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This file is part of the Symfony package.
|
||||||
|
*
|
||||||
|
* (c) Fabien Potencier <fabien@symfony.com>
|
||||||
|
*
|
||||||
|
* For the full copyright and license information, please view the LICENSE
|
||||||
|
* file that was distributed with this source code.
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
|
||||||
|
|
||||||
|
use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
|
||||||
|
use Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator;
|
||||||
|
use Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface;
|
||||||
|
use Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage;
|
||||||
|
use Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface;
|
||||||
|
use Symfony\Component\Security\Csrf\CsrfTokenManager;
|
||||||
|
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
|
||||||
|
use Symfony\Bridge\Twig\Extension\CsrfRuntime;
|
||||||
|
use Symfony\Bridge\Twig\Extension\CsrfExtension;
|
||||||
|
|
||||||
|
return static function (ContainerConfigurator $container) {
|
||||||
|
$container->services()
|
||||||
|
->set('security.csrf.token_generator', UriSafeTokenGenerator::class)
|
||||||
|
|
||||||
|
->alias(TokenGeneratorInterface::class, 'security.csrf.token_generator')
|
||||||
|
|
||||||
|
->set('security.csrf.token_storage', SessionTokenStorage::class)
|
||||||
|
->args([service('session')])
|
||||||
|
|
||||||
|
->alias(TokenStorageInterface::class, 'security.csrf.token_storage')
|
||||||
|
|
||||||
|
->set('security.csrf.token_manager', CsrfTokenManager::class)
|
||||||
|
->public()
|
||||||
|
->args([
|
||||||
|
service('security.csrf.token_generator'),
|
||||||
|
service('security.csrf.token_storage'),
|
||||||
|
service('request_stack')->ignoreOnInvalid()
|
||||||
|
])
|
||||||
|
|
||||||
|
->alias(CsrfTokenManagerInterface::class, 'security.csrf.token_manager')
|
||||||
|
|
||||||
|
->set('twig.runtime.security_csrf', CsrfRuntime::class)
|
||||||
|
->args([service('security.csrf.token_manager')])
|
||||||
|
->tag('twig.runtime')
|
||||||
|
|
||||||
|
->set('twig.extension.security_csrf', CsrfExtension::class)
|
||||||
|
->tag('twig.extension')
|
||||||
|
;
|
||||||
|
};
|
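Review bot: The import block of the new config file has a redundant line and is not sorted. `use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;` names a class from the file's own namespace, the `Symfony\Bridge\...` imports come last, and `UriSafeTokenGenerator` precedes `TokenGeneratorInterface`; dropping the first line and sorting the rest would match the usual ordered-imports convention. The multi-line `->args([...])` for `security.csrf.token_manager` also lacks a trailing comma after `service('request_stack')->ignoreOnInvalid()`. A one-line comment on `->public()` saying why the token manager is public would help, since it is the only service in the file that changes visibility.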
@ -1,34 +0,0 @@
|
|||||||
<?xml version="1.0" ?>
|
|
||||||
|
|
||||||
<container xmlns="http://symfony.com/schema/dic/services"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://symfony.com/schema/dic/services https://symfony.com/schema/dic/services/services-1.0.xsd">
|
|
||||||
|
|
||||||
<services>
|
|
||||||
<defaults public="false" />
|
|
||||||
|
|
||||||
<service id="security.csrf.token_generator" class="Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator" />
|
|
||||||
<service id="Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface" alias="security.csrf.token_generator" />
|
|
||||||
|
|
||||||
<service id="security.csrf.token_storage" class="Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage">
|
|
||||||
<argument type="service" id="session" />
|
|
||||||
</service>
|
|
||||||
<service id="Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface" alias="security.csrf.token_storage" />
|
|
||||||
|
|
||||||
<service id="security.csrf.token_manager" class="Symfony\Component\Security\Csrf\CsrfTokenManager" public="true">
|
|
||||||
<argument type="service" id="security.csrf.token_generator" />
|
|
||||||
<argument type="service" id="security.csrf.token_storage" />
|
|
||||||
<argument type="service" id="request_stack" on-invalid="ignore" />
|
|
||||||
</service>
|
|
||||||
<service id="Symfony\Component\Security\Csrf\CsrfTokenManagerInterface" alias="security.csrf.token_manager" />
|
|
||||||
|
|
||||||
<service id="twig.runtime.security_csrf" class="Symfony\Bridge\Twig\Extension\CsrfRuntime">
|
|
||||||
<tag name="twig.runtime" />
|
|
||||||
<argument type="service" id="security.csrf.token_manager" />
|
|
||||||
</service>
|
|
||||||
|
|
||||||
<service id="twig.extension.security_csrf" class="Symfony\Bridge\Twig\Extension\CsrfExtension">
|
|
||||||
<tag name="twig.extension" />
|
|
||||||
</service>
|
|
||||||
</services>
|
|
||||||
</container>
|
|