Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and To…
…kenGenerator
- Loading branch information
Showing
46 changed files
with
1,251 additions
and
459 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -11,8 +11,11 @@ | |
|
||
namespace Symfony\Bridge\Twig\Form; | ||
|
||
use Symfony\Component\Form\Exception\UnexpectedTypeException; | ||
use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderAdapter; | ||
use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface; | ||
use Symfony\Component\Form\FormRenderer; | ||
use Symfony\Component\Security\Csrf\CsrfTokenGeneratorInterface; | ||
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface; | ||
|
||
/** | ||
* @author Bernhard Schussek <bschussek@gmail.com> | ||
|
@@ -24,9 +27,15 @@ class TwigRenderer extends FormRenderer implements TwigRendererInterface | |
*/ | ||
private $engine; | ||
|
||
public function __construct(TwigRendererEngineInterface $engine, CsrfTokenGeneratorInterface $csrfTokenGenerator = null) | ||
public function __construct(TwigRendererEngineInterface $engine, $csrfTokenManager = null) | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
stof
Member
|
||
{ | ||
parent::__construct($engine, $csrfTokenGenerator); | ||
if ($csrfTokenManager instanceof CsrfProviderInterface) { | ||
$csrfTokenManager = new CsrfProviderAdapter($csrfTokenManager); | ||
} elseif (null !== $csrfTokenManager && !$csrfTokenManager instanceof CsrfTokenManagerInterface) { | ||
throw new UnexpectedTypeException($csrfTokenManager, 'CsrfProviderInterface or CsrfTokenManagerInterface'); | ||
} | ||
|
||
parent::__construct($engine, $csrfTokenManager); | ||
|
||
$this->engine = $engine; | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
75 changes: 75 additions & 0 deletions
75
src/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderAdapter.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
<?php | ||
|
||
/* | ||
* This file is part of the Symfony package. | ||
* | ||
* (c) Fabien Potencier <fabien@symfony.com> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
*/ | ||
|
||
namespace Symfony\Component\Form\Extension\Csrf\CsrfProvider; | ||
|
||
use Symfony\Component\Form\Exception\BadMethodCallException; | ||
use Symfony\Component\Security\Csrf\CsrfToken; | ||
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface; | ||
|
||
/** | ||
* Adapter for using old CSRF providers where the new {@link CsrfTokenManagerInterface} | ||
* is expected. | ||
* | ||
* @since 2.4 | ||
* @author Bernhard Schussek <bschussek@gmail.com> | ||
* | ||
* @deprecated Deprecated since version 2.4, to be removed in Symfony 3.0. | ||
*/ | ||
class CsrfProviderAdapter implements CsrfTokenManagerInterface | ||
{ | ||
/** | ||
* @var CsrfProviderInterface | ||
*/ | ||
private $csrfProvider; | ||
|
||
public function __construct(CsrfProviderInterface $csrfProvider) | ||
{ | ||
$this->csrfProvider = $csrfProvider; | ||
} | ||
|
||
public function getCsrfProvider() | ||
{ | ||
return $this->csrfProvider; | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function getToken($tokenId) | ||
{ | ||
return $this->csrfProvider->generateCsrfToken($tokenId); | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function refreshToken($tokenId) | ||
{ | ||
throw new BadMethodCallException('Not supported'); | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function removeToken($tokenId) | ||
{ | ||
throw new BadMethodCallException('Not supported'); | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function isTokenValid(CsrfToken $token) | ||
{ | ||
return $this->csrfProvider->isCsrfTokenValid($token->getId(), $token->getValue()); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 0 additions & 26 deletions
26
src/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfTokenGeneratorAdapter.php
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.
Why not CsrfTokenManagerInterface $crsfTokenManager = null ?