Etusivu Tutki Apua
Kirjaudu sisään
dima
/
balticrest
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Puu: 8967e8d364
Haarat Tagit
balticrest
/
vendor
/
symfony
/
security-bundle
/
DependencyInjection
/
Compiler
/
RegisterCsrfFeaturesPass.php

RegisterCsrfFeaturesPass.php 2.3 KB
Historia Raaka

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4.  * This file is part of the Symfony package.
    5. 

  5.  *
    6. 

  6.  * (c) Fabien Potencier <fabien@symfony.com>
    7. 

  7.  *
    8. 

  8.  * For the full copyright and license information, please view the LICENSE
    9. 

  9.  * file that was distributed with this source code.
    10. 

  10.  */
    11. 

  11. 

  12. namespace Symfony\Bundle\SecurityBundle\DependencyInjection\Compiler;
    13. 

  13. 

  14. use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
    15. 

  15. use Symfony\Component\DependencyInjection\ContainerBuilder;
    16. 

  16. use Symfony\Component\DependencyInjection\Reference;
    17. 

  17. use Symfony\Component\Security\Http\EventListener\CsrfProtectionListener;
    18. 

  18. use Symfony\Component\Security\Http\EventListener\CsrfTokenClearingLogoutListener;
    19. 

  19. 

  20. /**
    21. 

  21.  * @author Christian Flothmann <christian.flothmann@sensiolabs.de>
    22. 

  22.  * @author Wouter de Jong <wouter@wouterj.nl>
    23. 

  23.  *
    24. 

  24.  * @internal
    25. 

  25.  */
    26. 

  26. class RegisterCsrfFeaturesPass implements CompilerPassInterface
    27. 

  27. {
    28. 

  28.     public function process(ContainerBuilder $container)
    29. 

  29.     {
    30. 

  30.         $this->registerCsrfProtectionListener($container);
    31. 

  31.         $this->registerLogoutHandler($container);
    32. 

  32.     }
    33. 

  33. 

  34.     private function registerCsrfProtectionListener(ContainerBuilder $container)
    35. 

  35.     {
    36. 

  36.         if (!$container->has('security.authenticator.manager') || !$container->has('security.csrf.token_manager')) {
    37. 

  37.             return;
    38. 

  38.         }
    39. 

  39. 

  40.         $container->register('security.listener.csrf_protection', CsrfProtectionListener::class)
    41. 

  41.             ->addArgument(new Reference('security.csrf.token_manager'))
    42. 

  42.             ->addTag('kernel.event_subscriber')
    43. 

  43.             ->setPublic(false);
    44. 

  44.     }
    45. 

  45. 

  46.     protected function registerLogoutHandler(ContainerBuilder $container)
    47. 

  47.     {
    48. 

  48.         if (!$container->has('security.logout_listener') || !$container->has('security.csrf.token_storage')) {
    49. 

  49.             return;
    50. 

  50.         }
    51. 

  51. 

  52.         $csrfTokenStorage = $container->findDefinition('security.csrf.token_storage');
    53. 

  53.         $csrfTokenStorageClass = $container->getParameterBag()->resolveValue($csrfTokenStorage->getClass());
    54. 

  54. 

  55.         if (!is_subclass_of($csrfTokenStorageClass, 'Symfony\Component\Security\Csrf\TokenStorage\ClearableTokenStorageInterface')) {
    56. 

  56.             return;
    57. 

  57.         }
    58. 

  58. 

  59.         $container->register('security.logout.listener.csrf_token_clearing', CsrfTokenClearingLogoutListener::class)
    60. 

  60.             ->addArgument(new Reference('security.csrf.token_storage'))
    61. 

  61.             ->addTag('kernel.event_subscriber')
    62. 

  62.             ->setPublic(false);
    63. 

  63.     }
    64. 

  64. }
    65.