/** * @test */ public function validateAndStripHmacReturnsTheStringWithoutHmac() { $string = ' Some arbitrary string with special characters: öäüß!"§$ '; $hashedString = $this->hashService->appendHmac($string); $actualResult = $this->hashService->validateAndStripHmac($hashedString); $this->assertSame($string, $actualResult); }
/** * Returns an ActionRequest which referred to this request, if any. * * The referring request is not set or determined automatically but must be * explicitly set through the corresponding internal argument "__referrer". * This mechanism is used by FLOW3's form and validation mechanisms. * * @return \TYPO3\FLOW3\Mvc\ActionRequest the referring request, or NULL if no referrer found */ public function getReferringRequest() { if ($this->referringRequest !== NULL) { return $this->referringRequest; } if (!isset($this->internalArguments['__referrer'])) { return NULL; } if (is_array($this->internalArguments['__referrer'])) { $referrerArray = $this->internalArguments['__referrer']; $referringRequest = $this->getHttpRequest()->createActionRequest(); $arguments = array(); if (isset($referrerArray['arguments'])) { $serializedArgumentsWithHmac = $referrerArray['arguments']; $serializedArguments = $this->hashService->validateAndStripHmac($serializedArgumentsWithHmac); $arguments = unserialize(base64_decode($serializedArguments)); unset($referrerArray['arguments']); } $referringRequest->setArguments(\TYPO3\FLOW3\Utility\Arrays::arrayMergeRecursiveOverrule($arguments, $referrerArray)); return $referringRequest; } else { $this->referringRequest = $this->internalArguments['__referrer']; } return $this->referringRequest; }
/** * Initialize the property mapping configuration in $controllerArguments if * the trusted properties are set inside the request. * * @param \TYPO3\FLOW3\Mvc\ActionRequest $request * @param \TYPO3\FLOW3\Mvc\Controller\Arguments $controllerArguments * @return void */ public function initializePropertyMappingConfigurationFromRequest(\TYPO3\FLOW3\Mvc\ActionRequest $request, \TYPO3\FLOW3\Mvc\Controller\Arguments $controllerArguments) { $trustedPropertiesToken = $request->getInternalArgument('__trustedProperties'); if (!is_string($trustedPropertiesToken)) { return; } $serializedTrustedProperties = $this->hashService->validateAndStripHmac($trustedPropertiesToken); $trustedProperties = unserialize($serializedTrustedProperties); foreach ($trustedProperties as $propertyName => $propertyConfiguration) { if (!$controllerArguments->hasArgument($propertyName)) { continue; } $propertyMappingConfiguration = $controllerArguments->getArgument($propertyName)->getPropertyMappingConfiguration(); $this->modifyPropertyMappingConfiguration($propertyConfiguration, $propertyMappingConfiguration); } }