feature #35284 Simplify UriSigner when working with HttpFoundation's Request (Toflar)
This PR was squashed before being merged into the 5.1-dev branch (closes #35284).
Discussion
----------
Simplify UriSigner when working with HttpFoundation's Request
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
I'm using the `UriSigner` in my own projects from time to time and I've always wondered why I have to manually generate the URI from the `Request` instance in such a way that it is correctly validated.
Let's add a new `checkRequest(Request $request)` method to provide better DX.
Commits
-------
4887b4bee1
Simplify UriSigner when working with HttpFoundation's Request
commit
d099bc395f
@ -83,8 +83,7 @@ class FragmentListener implements EventSubscriberInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
// is the Request signed?
|
// is the Request signed?
|
||||||
// we cannot use $request->getUri() here as we want to work with the original URI (no query string reordering)
|
if ($this->signer->checkRequest($request)) {
|
||||||
if ($this->signer->check($request->getSchemeAndHttpHost().$request->getBaseUrl().$request->getPathInfo().(null !== ($qs = $request->server->get('QUERY_STRING')) ? '?'.$qs : ''))) {
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -12,6 +12,7 @@
|
|||||||
namespace Symfony\Component\HttpKernel\Tests;
|
namespace Symfony\Component\HttpKernel\Tests;
|
||||||
|
|
||||||
use PHPUnit\Framework\TestCase;
|
use PHPUnit\Framework\TestCase;
|
||||||
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpKernel\UriSigner;
|
use Symfony\Component\HttpKernel\UriSigner;
|
||||||
|
|
||||||
class UriSignerTest extends TestCase
|
class UriSignerTest extends TestCase
|
||||||
@ -52,6 +53,15 @@ class UriSignerTest extends TestCase
|
|||||||
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testCheckWithRequest()
|
||||||
|
{
|
||||||
|
$signer = new UriSigner('foobar');
|
||||||
|
|
||||||
|
$this->assertTrue($signer->checkRequest(Request::create($signer->sign('http://example.com/foo'))));
|
||||||
|
$this->assertTrue($signer->checkRequest(Request::create($signer->sign('http://example.com/foo?foo=bar'))));
|
||||||
|
$this->assertTrue($signer->checkRequest(Request::create($signer->sign('http://example.com/foo?foo=bar&0=integer'))));
|
||||||
|
}
|
||||||
|
|
||||||
public function testCheckWithDifferentParameter()
|
public function testCheckWithDifferentParameter()
|
||||||
{
|
{
|
||||||
$signer = new UriSigner('foobar', 'qux');
|
$signer = new UriSigner('foobar', 'qux');
|
||||||
|
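Review bot: `testCheckWithRequest()` asserts only accepted requests, so a `checkRequest()` that returned `true` for every input would still pass; for a signature check the rejection path is the one worth pinning. Add at least an unsigned and an altered request, e.g. `$this->assertFalse($signer->checkRequest(Request::create('http://example.com/foo?foo=bar')));` and `$this->assertFalse($signer->checkRequest(Request::create($signer->sign('http://example.com/foo?foo=bar').'&extra=1')));`. Any negative tests that already exist for `check()` lie outside this hunk and do not exercise the URI that `checkRequest()` rebuilds from the Request.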
@ -11,6 +11,8 @@
|
|||||||
|
|
||||||
namespace Symfony\Component\HttpKernel;
|
namespace Symfony\Component\HttpKernel;
|
||||||
|
|
||||||
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Signs URIs.
|
* Signs URIs.
|
||||||
*
|
*
|
||||||
@ -78,6 +80,14 @@ class UriSigner
|
|||||||
return hash_equals($this->computeHash($this->buildUrl($url, $params)), $hash);
|
return hash_equals($this->computeHash($this->buildUrl($url, $params)), $hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function checkRequest(Request $request): bool
|
||||||
|
{
|
||||||
|
$qs = ($qs = $request->server->get('QUERY_STRING')) ? '?'.$qs : '';
|
||||||
|
|
||||||
|
// we cannot use $request->getUri() here as we want to work with the original URI (no query string reordering)
|
||||||
|
return $this->check($request->getSchemeAndHttpHost().$request->getBaseUrl().$request->getPathInfo().$qs);
|
||||||
|
}
|
||||||
|
|
||||||
private function computeHash(string $uri): string
|
private function computeHash(string $uri): string
|
||||||
{
|
{
|
||||||
return base64_encode(hash_hmac('sha256', $uri, $this->secret, true));
|
return base64_encode(hash_hmac('sha256', $uri, $this->secret, true));
|
||||||
|
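Review bot: In `checkRequest()` the query string is tested for truthiness, `($qs = $request->server->get('QUERY_STRING')) ? '?'.$qs : ''`, which is not the `null !== …` test the listener used before this commit. An empty query string and the literal query string `0` are both falsy in PHP, so the `?` part is dropped and the string handed to `check()` is no longer the original URI. Whether that can change a verdict depends on how `check()` treats a URI without its signature parameter, which is outside this hunk, but a verifier should rebuild exactly what was requested; `$qs = $request->server->get('QUERY_STRING');` followed by `$qs = (null !== $qs && '' !== $qs) ? '?'.$qs : '';` keeps `0`. The method also has no docblock: one sentence stating that it rebuilds the URI from scheme, host, base URL, path info and the raw `QUERY_STRING` before calling `check()` would tell callers that the result depends on the scheme and host the Request reports.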