/**
 * When the storage reports that a value exists for the requested id, the
 * manager must return a CsrfToken carrying that id and that stored value.
 *
 * Both storage calls are expected exactly once, with the same token id.
 */
public function testUseExistingTokenIfAvailable()
{
    $tokenId = 'token_id';
    $storedValue = 'TOKEN';

    // The storage claims to know the id ...
    $this->storage
        ->expects($this->once())
        ->method('hasToken')
        ->with($tokenId)
        ->will($this->returnValue(true));

    // ... and hands back the value it holds for it.
    $this->storage
        ->expects($this->once())
        ->method('getToken')
        ->with($tokenId)
        ->will($this->returnValue($storedValue));

    $result = $this->manager->getToken($tokenId);

    $this->assertInstanceOf('Symfony\\Component\\Security\\Csrf\\CsrfToken', $result);
    $this->assertSame($tokenId, $result->getId());
    $this->assertSame($storedValue, $result->getValue());
}
/**
 * Returns the CSRF token value scoped to a single entity.
 *
 * The token id is built as "<class name>:<identifier>". The identifier is
 * taken from getId() when the entity has that method, otherwise from
 * __toString().
 *
 * NOTE(review): if getId() returns null (presumably an entity that has not
 * been saved yet), the id collapses to "<class name>:" and is shared by every
 * such entity of that class -- confirm callers only pass identified entities.
 *
 * @param object $entity
 *
 * @return string Token value as returned by the token manager.
 *
 * @throws ObjectDoesNotContainMethods When the entity has neither getId() nor __toString().
 */
public function generateToken($entity)
{
    $entityClass = get_class($entity);

    $hasId = method_exists($entity, 'getId');
    if (!$hasId && !method_exists($entity, '__toString')) {
        throw new ObjectDoesNotContainMethods(['getId()', '__toString()']);
    }

    // getId() wins over __toString() when both are available.
    $identifier = $hasId ? $entity->getId() : $entity->__toString();
    $tokenId = $entityClass . ':' . $identifier;

    return $this->tokenManager->getToken($tokenId)->getValue();
}
/**
 * Fetches the REST csrf token value from the token manager, using the
 * configured intention as the token id.
 *
 * @return string The csrf token, or an empty string if no token manager is
 *                set (csrf check disabled). The empty string is a "disabled"
 *                marker, not a token.
 */
private function getCsrfToken()
{
    if (null !== $this->csrfTokenManager) {
        return $this->csrfTokenManager->getToken($this->csrfTokenIntention)->getValue();
    }

    // No manager: the csrf check is disabled, so there is nothing to issue.
    return '';
}
/**
 * The subject's getToken() must ask the manager for the given id and read
 * the value out of the CsrfToken it gets back.
 */
function it_should_get_the_csrf_token_value(CsrfTokenManager $tokenManager, CsrfToken $token)
{
    $tokenId = '_csrf_login';

    // Wire the subject to the manager double, then stub the lookup.
    $this->beConstructedWith($tokenManager);
    $tokenManager->getToken($tokenId)->willReturn($token);

    $this->getToken($tokenId);

    // The value must have been read from the token the manager returned.
    $token->getValue()->shouldHaveBeenCalled();
}
/**
 * Manual round-trip check: issue a token backed by an in-memory storage,
 * validate that same token with the same manager, print the verdict, then
 * dump everything the storage holds.
 *
 * Output only; nothing is returned.
 */
public function runTest()
{
    $storage = new ArrayTokenStorage();
    // null as first argument: no explicit token generator is passed in.
    $csrfTokenManager = new CsrfTokenManager(null, $storage);

    $issued = $csrfTokenManager->getToken("montest");
    $isValid = $csrfTokenManager->isTokenValid($issued);

    echo ($isValid ? "[VALIDATION] OK" : "[VALIDATION] KO") . PHP_EOL;

    // The dump contains token values; keep this to local/manual runs.
    $dump = print_r($storage->all(), true);
    echo "Tokens stockés : " . $dump . PHP_EOL;
}
/**
 * Collects the template variables for this block: the last authentication
 * error (if any), the last username entered, and the value of the CSRF
 * token with id "authenticate".
 *
 * NOTE(review): the id "authenticate" presumably has to match the token id
 * the login check validates against -- confirm against the firewall config.
 *
 * @param BlockInterface $block
 *
 * @return array
 */
public function getViewParameters(BlockInterface $block)
{
    $errorKey = Security::AUTHENTICATION_ERROR;
    $usernameKey = Security::LAST_USERNAME;

    // Look for the error on the request first (forward), then in the
    // session (redirect). A session-held error is removed once read.
    $candidate = null;
    if ($this->getRequest()->attributes->has($errorKey)) {
        $candidate = $this->getRequest()->attributes->get($errorKey);
    } elseif (null !== $this->session && $this->session->has($errorKey)) {
        $candidate = $this->session->get($errorKey);
        $this->session->remove($errorKey);
    }

    // Anything that is not an AuthenticationException did not come from the
    // security component and is dropped rather than passed to the template.
    $error = $candidate instanceof AuthenticationException ? $candidate : null;

    // Last username entered by the user; empty when there is no session.
    if (null === $this->session) {
        $lastUsername = '';
    } else {
        $lastUsername = $this->session->get($usernameKey);
    }

    $csrfToken = $this->csrfTokenManager->getToken('authenticate')->getValue();

    return [
        'block_service' => $this,
        'block' => $block,
        'last_username' => $lastUsername,
        'error' => $error,
        'csrf_token' => $csrfToken,
    ];
}
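/**
 * Get and set an upload token for this upload form.
 *
 * Adds two view variables on top of what the parent sets:
 *  - "attachment_index": last key of the form's data array, or null when the
 *    form's data is not an array (for instance when there is no data yet);
 *  - "_file_upload_token": value of the CSRF token whose id is the view's
 *    full name.
 *
 * @param FormView      $view
 * @param FormInterface $form
 * @param array         $options
 */
public function finishView(FormView $view, FormInterface $form, array $options)
{
    parent::finishView($view, $form, $options);

    /*
     * Dump the last index (key) of attachment collection array into the view so we can
     * add new items without accidentally overriding already existing ones
     */
    $data = $form->getData();
    $lastKey = null;
    // end() only accepts an array: called on null it warns on PHP 7 and
    // throws a TypeError on PHP 8, so skip it when there is no array.
    if (is_array($data)) {
        end($data);
        $lastKey = key($data);
    }
    $view->vars['attachment_index'] = $lastKey;

    // dump the form's csrf token into the view
    // NOTE(review): the code handling the upload presumably validates the
    // submitted token against this same id (the form's full name) -- confirm.
    $token = $this->tokenManager->getToken($view->vars['full_name']);
    $view->vars['_file_upload_token'] = $token->getValue();
}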
/**
 * Returns the value of the CSRF token registered under the given id, as
 * provided by the token manager.
 *
 * @param string $tokenId
 *
 * @return string
 */
public function getToken($tokenId)
{
    $csrfToken = $this->tokenManager->getToken($tokenId);

    return $csrfToken->getValue();
}