From d4420280639bc9ae9edd2c57eb4ae687ad03dee0 Mon Sep 17 00:00:00 2001
From: Tobias Schultze
Date: Sat, 29 Jun 2019 19:44:34 +0200
Subject: [PATCH] [CSRF] add more parameter types
---
 .../Security/Csrf/CsrfTokenManager.php | 2 +-
 .../Security/Csrf/CsrfTokenManagerInterface.php | 2 --
 .../Csrf/Tests/CsrfTokenManagerTest.php | 2 ++
 .../TokenStorage/NativeSessionTokenStorage.php | 10 +++++-----
 .../Csrf/TokenStorage/SessionTokenStorage.php | 10 +++++-----
 .../Csrf/TokenStorage/TokenStorageInterface.php | 17 ++++-------------
 6 files changed, 17 insertions(+), 26 deletions(-)
diff --git a/src/Symfony/Component/Security/Csrf/CsrfTokenManager.php b/src/Symfony/Component/Security/Csrf/CsrfTokenManager.php
index 84a0b330bb3f..6a28fea63b77 100644
--- a/src/Symfony/Component/Security/Csrf/CsrfTokenManager.php
+++ b/src/Symfony/Component/Security/Csrf/CsrfTokenManager.php
@@ -114,7 +114,7 @@ public function isTokenValid(CsrfToken $token)
 return hash_equals($this->storage->getToken($namespacedId), $token->getValue());
 }
- private function getNamespace()
+ private function getNamespace(): string
 {
 return \is_callable($ns = $this->namespace) ? $ns() : $ns;
 }
diff --git a/src/Symfony/Component/Security/Csrf/CsrfTokenManagerInterface.php b/src/Symfony/Component/Security/Csrf/CsrfTokenManagerInterface.php
index 588090cd1d28..a2dfdaf0f203 100644
--- a/src/Symfony/Component/Security/Csrf/CsrfTokenManagerInterface.php
+++ b/src/Symfony/Component/Security/Csrf/CsrfTokenManagerInterface.php
@@ -49,8 +49,6 @@ public function refreshToken(string $tokenId);
 /**
 * Invalidates the CSRF token with the given ID, if one exists.
 *
- * @param string $tokenId The token ID
- *
 * @return string|null Returns the removed token value if one existed, NULL
 * otherwise
 */
diff --git a/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php b/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php
index 631c36a0db0a..63d7ac6d6969 100644
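Review bot: The new `: string` return type on `getNamespace()` is the only check on what a callable namespace yields, and the unchanged `\is_callable($ns = $this->namespace)` test in the same body also accepts a plain string that happens to name a function, so such a configured namespace would be invoked rather than used as the literal prefix. The result presumably feeds `$namespacedId`, the key that `isTokenValid()` looks up before `hash_equals()`, so a surprising value here changes which stored token a request is checked against. If string namespaces are always meant literally (the constructor is outside this hunk, so this needs confirming), `return \is_string($ns) ? $ns : $ns();` removes the ambiguity. A short docblock stating which callables are expected and that they must return a string would document the contract the return type now enforces.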
--- a/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php
+++ b/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php
@@ -160,6 +160,7 @@ public function testRemoveToken($namespace, $manager, $storage)
 public function testNamespaced()
 {
 $generator = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface')->getMock();
+ $generator->expects($this->once())->method('generateToken')->willReturn('random');
 $storage = $this->getMockBuilder('Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface')->getMock();
 $requestStack = new RequestStack();
@@ -169,6 +170,7 @@ public function testNamespaced()
 $token = $manager->getToken('foo');
 $this->assertSame('foo', $token->getId());
+ $this->assertSame('random', $token->getValue());
 }
 public function getManagerGeneratorAndStorage()
diff --git a/src/Symfony/Component/Security/Csrf/TokenStorage/NativeSessionTokenStorage.php b/src/Symfony/Component/Security/Csrf/TokenStorage/NativeSessionTokenStorage.php
index aa59240be082..3a5cd0f8fef8 100644
--- a/src/Symfony/Component/Security/Csrf/TokenStorage/NativeSessionTokenStorage.php
+++ b/src/Symfony/Component/Security/Csrf/TokenStorage/NativeSessionTokenStorage.php
@@ -41,7 +41,7 @@ public function __construct(string $namespace = self::SESSION_NAMESPACE)
 /**
 * {@inheritdoc}
 */
- public function getToken($tokenId)
+ public function getToken(string $tokenId)
 {
 if (!$this->sessionStarted) {
 $this->startSession();
@@ -57,19 +57,19 @@ public function getToken($tokenId)
 /**
 * {@inheritdoc}
 */
- public function setToken($tokenId, $token)
+ public function setToken(string $tokenId, string $token)
 {
 if (!$this->sessionStarted) {
 $this->startSession();
 }
- $_SESSION[$this->namespace][$tokenId] = (string) $token;
+ $_SESSION[$this->namespace][$tokenId] = $token;
 }
 /**
 * {@inheritdoc}
 */
- public function hasToken($tokenId)
+ public function hasToken(string $tokenId)
 {
 if (!$this->sessionStarted) {
 $this->startSession();
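Review bot: In NativeSessionTokenStorage, `setToken()` now relies on the `string $token` declaration alone, and that still admits an empty string at `$_SESSION[$this->namespace][$tokenId] = $token;`; the same holds for `setToken()` in SessionTokenStorage. Whether these files declare strict types is not visible, and in coercive mode a `false` argument is still converted to `''`. Because `isTokenValid()` compares the stored value with `hash_equals()`, an empty stored token would match an empty submitted value, so a guard before the assignment would make the storage fail closed: `if ('' === $token) { throw new \InvalidArgumentException('The CSRF token must not be empty.'); }`. The `hasToken()` body that follows continues outside the hunk.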
@@ -81,7 +81,7 @@ public function hasToken($tokenId)
 /**
 * {@inheritdoc}
 */
- public function removeToken($tokenId)
+ public function removeToken(string $tokenId)
 {
 if (!$this->sessionStarted) {
 $this->startSession();
diff --git a/src/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.php b/src/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.php
index 67f93ec6724b..c031069afbba 100644
--- a/src/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.php
+++ b/src/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.php
@@ -44,7 +44,7 @@ public function __construct(SessionInterface $session, string $namespace = self:
 /**
 * {@inheritdoc}
 */
- public function getToken($tokenId)
+ public function getToken(string $tokenId)
 {
 if (!$this->session->isStarted()) {
 $this->session->start();
@@ -60,19 +60,19 @@ public function getToken($tokenId)
 /**
 * {@inheritdoc}
 */
- public function setToken($tokenId, $token)
+ public function setToken(string $tokenId, string $token)
 {
 if (!$this->session->isStarted()) {
 $this->session->start();
 }
- $this->session->set($this->namespace.'/'.$tokenId, (string) $token);
+ $this->session->set($this->namespace.'/'.$tokenId, $token);
 }
 /**
 * {@inheritdoc}
 */
- public function hasToken($tokenId)
+ public function hasToken(string $tokenId)
 {
 if (!$this->session->isStarted()) {
 $this->session->start();
@@ -84,7 +84,7 @@ public function hasToken($tokenId)
 /**
 * {@inheritdoc}
 */
- public function removeToken($tokenId)
+ public function removeToken(string $tokenId)
 {
 if (!$this->session->isStarted()) {
 $this->session->start();
diff --git a/src/Symfony/Component/Security/Csrf/TokenStorage/TokenStorageInterface.php b/src/Symfony/Component/Security/Csrf/TokenStorage/TokenStorageInterface.php
index 92386fbbda34..88ef40379fba 100644
--- a/src/Symfony/Component/Security/Csrf/TokenStorage/TokenStorageInterface.php
+++ b/src/Symfony/Component/Security/Csrf/TokenStorage/TokenStorageInterface.php
@@ -21,38 +21,29 @@ interface TokenStorageInterface
 /**
 * Reads a stored CSRF token.
 *
- * @param string $tokenId The token ID
- *
 * @return string The stored token
 *
 * @throws \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException If the token ID does not exist
 */
- public function getToken($tokenId);
+ public function getToken(string $tokenId);
 /**
 * Stores a CSRF token.
- *
- * @param string $tokenId The token ID
- * @param string $token The CSRF token
 */
- public function setToken($tokenId, $token);
+ public function setToken(string $tokenId, string $token);
 /**
 * Removes a CSRF token.
 *
- * @param string $tokenId The token ID
- *
 * @return string|null Returns the removed token if one existed, NULL
 * otherwise
 */
- public function removeToken($tokenId);
+ public function removeToken(string $tokenId);
 /**
 * Checks whether a token with the given token ID exists.
 *
- * @param string $tokenId The token ID
- *
 * @return bool Whether a token exists with the given ID
 */
- public function hasToken($tokenId);
+ public function hasToken(string $tokenId);
 }
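Review bot: The interface now enforces its parameter types, but the return side of `getToken()` is still only the `@return string` annotation, and `isTokenValid()` passes that result straight to `hash_equals()`. A third-party storage that returns something other than a string would only surface as an error or warning at validation time. If a native return type is being held back for compatibility with existing implementers, the docblock should say so and state the requirement, for example `@return string The stored token; implementations must return a string because the value is compared with hash_equals()`. The docblock of `setToken()` could likewise say that `$token` is stored as given, with no cast.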