Fix/initialize security service (#112)
* Code cleanup * Fixed security service initialization * Improved CS * Change getSessionToken() to getRequestToken() in CSRF forms * Added workaround for phalcon/cphalcon#14346 * Do not use helper container()
1 parent
c24a6af
commit 3a7b403
Showing
11 changed files
with
138 additions
and
25 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
<?php | ||
declare(strict_types=1); | ||
|
||
namespace Phalcon; | ||
|
||
/** | ||
* Extended class for fixing phalcon/cphalcon#14346 issue | ||
* | ||
* @see https://github.com/phalcon/cphalcon/pull/14347 | ||
*/ | ||
class Beta2FixSecurity extends Security | ||
{ | ||
/** | ||
* @inheritDoc | ||
*/ | ||
public function getRequestToken(): string | ||
{ | ||
if (empty($this->requestToken)) { | ||
return $this->getSessionToken(); | ||
} | ||
|
||
return (string) $this->requestToken; | ||
} | ||
|
||
/** | ||
* @inheritDoc | ||
* | ||
* @return string | ||
* @throws Exception | ||
*/ | ||
public function getSessionToken(): string | ||
{ | ||
$di = $this->getDI(); | ||
|
||
if (!is_object($di)) { | ||
throw new Exception( | ||
Exception::containerServiceNotFound("the 'session' service") | ||
); | ||
} | ||
|
||
if ($di->has('session')) { | ||
$session = $di->getShared('session'); | ||
return (string) $session->get($this->tokenValueSessionId); | ||
} | ||
|
||
return ''; | ||
} | ||
} |
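Review bot: `getSessionToken()` casts whatever `$session->get($this->tokenValueSessionId)` returns to string, so a session with no stored token yields `''`, and `getRequestToken()` passes that value through whenever `$this->requestToken` is empty. Whether the inherited token check rejects an empty known token is not visible in this file; if it does not, an empty submitted token would compare equal, so this should be confirmed against `Security::checkToken()` in the targeted beta. At minimum the contract should be documented on the method, e.g. `// Returns '' when no token is stored; callers must treat '' as "no token", never as a match.` The exception raised when `$di` is not an object also names the 'session' service although it is the container that is missing, while the `$di->has('session')` false branch returns `''` silently instead of reporting the missing service.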
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
<?php | ||
declare(strict_types=1); | ||
|
||
/** | ||
* This file is part of the Vökuró. | ||
* | ||
* (c) Phalcon Team <team@phalcon.io> | ||
* | ||
* For the full copyright and license information, please view | ||
* the LICENSE file that was distributed with this source code. | ||
*/ | ||
|
||
namespace Vokuro\Providers; | ||
|
||
use Phalcon\Beta2FixSecurity; | ||
use Phalcon\Di\DiInterface; | ||
use Phalcon\Di\ServiceProviderInterface; | ||
use Phalcon\Security; | ||
use Phalcon\Version; | ||
|
||
class SecurityProvider implements ServiceProviderInterface | ||
{ | ||
/** | ||
* @var string | ||
*/ | ||
protected $providerName = 'security'; | ||
|
||
/** | ||
* @param DiInterface $di | ||
* @return void | ||
*/ | ||
public function register(DiInterface $di): void | ||
{ | ||
$that = $this; | ||
$di->set($this->providerName, function () use ($di, $that) { | ||
return $that->getSecurity($di); | ||
}); | ||
} | ||
|
||
/** | ||
* Remove current method after after next release of Phalcon 4 | ||
* | ||
* @see https://github.com/phalcon/cphalcon/issues/14346 | ||
* | ||
* @param DiInterface $di | ||
* @return Security | ||
*/ | ||
protected function getSecurity(DiInterface $di): Security | ||
{ | ||
if (Version::get() !== '4.0.0-beta.2') { | ||
$security = new Security(); | ||
} else { | ||
$security = new Beta2FixSecurity(); | ||
} | ||
|
||
$security->setDI($di); | ||
|
||
return $security; | ||
} | ||
} |
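Review bot: `register()` uses `$di->set(...)`, which registers `security` as a non-shared service, so a direct `$di->get('security')` builds a new `Security` on every call. The request token is held on the instance (the workaround class reads `$this->requestToken`), so two instances in one request can disagree about which CSRF token is expected. Unless code outside this section depends on per-call instances, `$di->setShared($this->providerName, function () use ($di, $that) { ... });` is the safer registration. Separately, the exact comparison with `'4.0.0-beta.2'` in `getSecurity()` stops applying the workaround on any other version string, so the docblock should name the Phalcon release that carries the upstream fix (it currently reads "after after next release").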