/** * Sets a cookie to the response containing the CRSF token. * * @param FilterResponseEvent $event */ public function onKernelResponse(FilterResponseEvent $event) { if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType() || !$this->routeMatcher->match($event->getRequest(), $this->routes)) { return; } $event->getResponse()->headers->setCookie(new Cookie($this->cookieName, $this->angularCsrfTokenManager->getToken()->getValue(), $this->cookieExpire, $this->cookiePath, $this->cookieDomain, $this->cookieSecure, false)); }
public function let(AngularCsrfTokenManager $tokenManager, RouteMatcherInterface $routeMatcher, Request $secureRequest, Request $unsecureRequest, CsrfToken $token) { $token->getValue()->willReturn(self::TOKEN_VALUE); $tokenManager->getToken()->willReturn($token); $this->secureRequest = $secureRequest; $this->unsecureRequest = $unsecureRequest; $routeMatcher->match($this->secureRequest, $this->routes)->willReturn(true); $routeMatcher->match($this->unsecureRequest, $this->routes)->willReturn(false); $this->beConstructedWith($tokenManager, $routeMatcher, $this->routes, self::COOKIE_NAME, self::COOKIE_EXPIRE, self::COOKIE_PATH, self::COOKIE_DOMAIN, self::COOKIE_SECURE); }