/**
 * {@inheritdoc}
 *
 * Returns the string value of the CSRF token that the injected manager
 * holds for $tokenId.
 *
 * @param string $tokenId Identifier handed to the token manager
 *
 * @return string The token value
 *
 * @throws BadMethodCallException When no token manager was injected
 */
public function renderCsrfToken($tokenId)
{
    // Without a manager there is nothing to generate a token with; fail
    // loudly rather than render a form with no CSRF protection.
    if ($this->csrfTokenManager === null) {
        throw new BadMethodCallException('CSRF tokens can only be generated if a CsrfTokenManagerInterface is injected in FormRenderer::__construct().');
    }

    $token = $this->csrfTokenManager->getToken($tokenId);

    return $token->getValue();
}
/**
 * Describes the current session.
 *
 * When the session is not started the result is ['isStarted' => false].
 * Otherwise it also carries the session name, the session identifier, the
 * CSRF token value for $this->csrfTokenIntention and the URL of the
 * 'ezpublish_rest_deleteSession' route for this session.
 *
 * NOTE(review): the result contains the session identifier and the CSRF
 * token value; presumably it is only ever sent back to the owner of that
 * session. Confirm against the callers before exposing or logging it.
 *
 * @return array
 */
public function getConfig()
{
    // Guard clause: no session, no secrets to report.
    if (!$this->session->isStarted()) {
        return ['isStarted' => false];
    }

    return [
        'isStarted' => true,
        'name' => $this->session->getName(),
        'identifier' => $this->session->getId(),
        'csrfToken' => $this->csrfTokenManager->getToken($this->csrfTokenIntention)->getValue(),
        'href' => $this->generateUrl(
            'ezpublish_rest_deleteSession',
            ['sessionId' => $this->session->getId()]
        ),
    ];
}
/**
 * Attaches the 'rest_csrf' token to the response as a cookie.
 *
 * Only the master request is handled; sub-request responses are left
 * untouched.
 *
 * @param FilterResponseEvent $event
 */
public function onKernelResponse(FilterResponseEvent $event)
{
    $isMasterRequest = HttpKernelInterface::MASTER_REQUEST === $event->getRequestType();
    if (!$isMasterRequest) {
        return;
    }

    $headers = $event->getResponse()->headers;

    // The last argument (httpOnly) is false, so client-side script can read
    // this cookie. NOTE(review): presumably intentional so the client can
    // echo the token back in a request header; confirm. Whether the cookie
    // is restricted to HTTPS depends entirely on $this->cookieSecure.
    $csrfCookie = new Cookie(
        $this->cookieName,
        $this->csrfTokenManager->getToken('rest_csrf')->getValue(),
        $this->cookieExpire,
        $this->cookiePath,
        $this->cookieDomain,
        $this->cookieSecure,
        false
    );

    $headers->setCookie($csrfCookie);
}
/**
 * Spec setup: stubs the token manager and builds the subject with it.
 *
 * getToken() and refreshToken() for self::ID return the token double,
 * removeToken() returns self::VALUE, and isTokenValid() accepts any
 * CsrfToken instance. Because validation is stubbed to true, examples
 * relying on this setup do not exercise rejection of a bad token.
 *
 * @param CsrfTokenManagerInterface $tokenManager
 * @param CsrfToken                 $token
 */
public function let(CsrfTokenManagerInterface $tokenManager, CsrfToken $token)
{
    // Token retrieval and rotation both hand back the same double.
    $tokenManager->getToken(self::ID)->willReturn($token);
    $tokenManager->refreshToken(self::ID)->willReturn($token);

    $tokenManager->removeToken(self::ID)->willReturn(self::VALUE);

    $anyCsrfToken = Argument::type('Symfony\\Component\\Security\\Csrf\\CsrfToken');
    $tokenManager->isTokenValid($anyCsrfToken)->willReturn(true);

    $this->beConstructedWith($tokenManager, self::ID);
}
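/**
 * Generate a token for a given id.
 *
 * @param string $tokenId Identifier passed to the token manager
 * @param bool   $refresh When true, the manager's refreshToken() is used
 *                        instead of getToken()
 *
 * @return string The token value
 */
protected function getToken($tokenId, $refresh = false)
{
    $csrfToken = $refresh
        ? $this->manager->refreshToken($tokenId)
        : $this->manager->getToken($tokenId);

    $token = $csrfToken->getValue();

    // The token value is a secret: anyone able to read the debug log could
    // replay it in a forged request. Log only the token id.
    $this->logger->debug("CSRF: generated token for '{$tokenId}'");

    return $token;
}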
/**
 * Handles the request token.
 *
 * Defines the legacy REQUEST_TOKEN constant if it is missing, then checks
 * the REQUEST_TOKEN field of POST requests against the token manager.
 * Requests whose real method is not POST, and the case where no request is
 * available, are not checked here.
 *
 * @throws AjaxRedirectResponseException|InvalidRequestTokenException If the token is invalid
 */
private function handleRequestToken()
{
    // Deprecated since Contao 4.0, to be removed in Contao 5.0
    if (!defined('REQUEST_TOKEN')) {
        define('REQUEST_TOKEN', $this->tokenManager->getToken($this->csrfTokenName)->getValue());
    }

    $isPost = null !== $this->request && 'POST' === $this->request->getRealMethod();
    if (!$isPost) {
        return;
    }

    // Wrap the submitted value so the manager can compare it with the
    // stored token for the same token name.
    $submitted = new CsrfToken(
        $this->csrfTokenName,
        $this->request->request->get('REQUEST_TOKEN')
    );

    if (!$this->tokenManager->isTokenValid($submitted)) {
        // Ajax callers get a redirect to the back end instead of the
        // generic invalid-token error.
        if ($this->request->isXmlHttpRequest()) {
            throw new AjaxRedirectResponseException($this->router->generate('contao_backend'));
        }

        throw new InvalidRequestTokenException('Invalid request token. Please reload the page and try again.');
    }
}
/**
 * {@inheritdoc}
 *
 * Raises an E_USER_DEPRECATED notice, then returns the value of the token
 * the manager holds for $intention.
 *
 * @param string $intention Identifier handed to the token manager
 *
 * @return string The token value
 */
public function generateCsrfToken($intention)
{
    $notice = 'The ' . __METHOD__ . ' method is deprecated since version 2.4 and will be removed in version 3.0. Use the Symfony\\Component\\Security\\Csrf\\CsrfTokenManager class instead.';
    trigger_error($notice, E_USER_DEPRECATED);

    $token = $this->tokenManager->getToken($intention);

    return $token->getValue();
}
/**
 * {@inheritdoc}
 *
 * Returns the value of the token the manager holds for $intention.
 *
 * @param string $intention Identifier handed to the token manager
 *
 * @return string The token value
 */
public function generateCsrfToken($intention)
{
    $token = $this->tokenManager->getToken($intention);

    return $token->getValue();
}
/**
 * Fetches the CSRF token for the given intention from the token manager.
 *
 * The manager's return value is passed through as-is; unlike a call that
 * ends in getValue(), this does not reduce the token to its string value.
 *
 * @param string $intention Identifier handed to the token manager
 *
 * @return mixed Whatever the manager's getToken() returns
 */
public function getCsrfToken($intention)
{
    $token = $this->csrfTokenManager->getToken($intention);

    return $token;
}
/**
 * Gets the CSRF token registered under this object's token id.
 *
 * @return CsrfToken
 *
 * @see CsrfTokenManagerInterface::getToken()
 */
public function getToken()
{
    $token = $this->csrfTokenManager->getToken($this->tokenId);

    return $token;
}