CsrfTokenManager
in package
implements
CsrfTokenManagerInterface
Default implementation of {@link CsrfTokenManagerInterface}.
Tags
Table of Contents
Interfaces
- CsrfTokenManagerInterface
- Manages CSRF tokens.
Properties
- $generator : mixed
- $namespace : Closure|string
- $storage : mixed
Methods
- __construct() : mixed
- getToken() : CsrfToken
- Returns a CSRF token for the given ID.
- isTokenValid() : bool
- Returns whether the given CSRF token is valid.
- refreshToken() : CsrfToken
- Generates a new token value for the given ID.
- removeToken() : string|null
- Invalidates the CSRF token with the given ID, if one exists.
- derandomize() : string
- getNamespace() : string
- randomize() : string
- xor() : string
Properties
$generator
private
mixed
$generator
$namespace
private
Closure|string
$namespace
$storage
private
mixed
$storage
Methods
__construct()
public
__construct([TokenGeneratorInterface $generator = null ][, TokenStorageInterface $storage = null ][, $namespace = null ]) : mixed
Parameters
- $generator : TokenGeneratorInterface = null
- $storage : TokenStorageInterface = null
- $namespace : = null
-
- null: generates a namespace using $_SERVER['HTTPS']
- string: uses the given string
- RequestStack: generates a namespace using the current main request
- callable: uses the result of this callable (must return a string)
getToken()
Returns a CSRF token for the given ID.
public
getToken(string $tokenId) : CsrfToken
Parameters
- $tokenId : string
-
The token ID. You may choose an arbitrary value for the ID
Return values
CsrfTokenisTokenValid()
Returns whether the given CSRF token is valid.
public
isTokenValid(CsrfToken $token) : bool
Parameters
- $token : CsrfToken
Return values
boolrefreshToken()
Generates a new token value for the given ID.
public
refreshToken(string $tokenId) : CsrfToken
Parameters
- $tokenId : string
-
The token ID. You may choose an arbitrary value for the ID
Return values
CsrfTokenremoveToken()
Invalidates the CSRF token with the given ID, if one exists.
public
removeToken(string $tokenId) : string|null
Parameters
- $tokenId : string
Return values
string|null —Returns the removed token value if one existed, NULL otherwise
derandomize()
private
derandomize(string $value) : string
Parameters
- $value : string
Return values
stringgetNamespace()
private
getNamespace() : string
Return values
stringrandomize()
private
randomize(string $value) : string
Parameters
- $value : string
Return values
stringxor()
private
xor(string $value, string $key) : string
Parameters
- $value : string
- $key : string