CsrfTokenManagerInterface.php 1.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\Security\Csrf;
  11. /**
  12. * Manages CSRF tokens.
  13. *
  14. * @author Bernhard Schussek <bschussek@gmail.com>
  15. */
  16. interface CsrfTokenManagerInterface
  17. {
  18. /**
  19. * Returns a CSRF token for the given ID.
  20. *
  21. * If previously no token existed for the given ID, a new token is
  22. * generated. Otherwise the existing token is returned (with the same value,
  23. * not the same instance).
  24. *
  25. * @param string $tokenId The token ID. You may choose an arbitrary value
  26. * for the ID
  27. *
  28. * @return CsrfToken The CSRF token
  29. */
  30. public function getToken(string $tokenId);
  31. /**
  32. * Generates a new token value for the given ID.
  33. *
  34. * This method will generate a new token for the given token ID, independent
  35. * of whether a token value previously existed or not. It can be used to
  36. * enforce once-only tokens in environments with high security needs.
  37. *
  38. * @param string $tokenId The token ID. You may choose an arbitrary value
  39. * for the ID
  40. *
  41. * @return CsrfToken The CSRF token
  42. */
  43. public function refreshToken(string $tokenId);
  44. /**
  45. * Invalidates the CSRF token with the given ID, if one exists.
  46. *
  47. * @return string|null Returns the removed token value if one existed, NULL
  48. * otherwise
  49. */
  50. public function removeToken(string $tokenId);
  51. /**
  52. * Returns whether the given CSRF token is valid.
  53. *
  54. * @return bool Returns true if the token is valid, false otherwise
  55. */
  56. public function isTokenValid(CsrfToken $token);
  57. }