/** * @magentoAppIsolation enabled */ public function testGetSecretKeyForwarded() { $objectManager = \Magento\TestFramework\Helper\Bootstrap::getObjectManager(); /** @var $encryptor \Magento\Framework\Encryption\EncryptorInterface */ $encryptor = $objectManager->get('Magento\\Framework\\Encryption\\EncryptorInterface'); /** @var $request \Magento\Framework\App\Request\Http */ $request = \Magento\TestFramework\Helper\Bootstrap::getObjectManager()->create('Magento\\Framework\\App\\RequestInterface'); $request->setControllerName('controller')->setActionName('action'); $request->initForward()->setControllerName(uniqid())->setActionName(uniqid()); $this->_model->setRequest($request); \Magento\TestFramework\Helper\Bootstrap::getObjectManager()->get('Magento\\Framework\\Session\\SessionManagerInterface')->setData('_form_key', 'salt'); $this->assertEquals($encryptor->getHash('controller' . 'action' . 'salt'), $this->_model->getSecretKey()); }
/** * Validate Secret Key * * @return bool */ protected function _validateSecretKey() { if (is_array($this->_publicActions) && in_array($this->getRequest()->getActionName(), $this->_publicActions)) { return true; } $secretKey = $this->getRequest()->getParam(\Magento\Backend\Model\UrlInterface::SECRET_KEY_PARAM_NAME, null); if (!$secretKey || $secretKey != $this->_backendUrl->getSecretKey()) { return false; } return true; }
/** * Replace Callback Secret Key * * @param string[] $match * @return string */ protected function _callbackSecretKey($match) { return \Magento\Backend\Model\UrlInterface::SECRET_KEY_PARAM_NAME . '/' . $this->_url->getSecretKey($match[1], $match[2], $match[3]); }