Commit 216ad121 authored by Raidelet Nicolas's avatar Raidelet Nicolas Committed by Guillaume Perréal

CsrfProviderInterface => CsrfTokenManagerInterface

Showing with 16 additions and 6 deletions
+16 -6
...@@ -14,7 +14,6 @@ use Irstea\FileUploadBundle\Model\UploadedFileInterface; ...@@ -14,7 +14,6 @@ use Irstea\FileUploadBundle\Model\UploadedFileInterface;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface;
use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
...@@ -24,6 +23,7 @@ use Symfony\Component\HttpKernel\Exception\HttpException; ...@@ -24,6 +23,7 @@ use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface; use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
use Symfony\Component\Templating\EngineInterface; use Symfony\Component\Templating\EngineInterface;
/** /**
...@@ -44,9 +44,9 @@ class UploadController extends Controller ...@@ -44,9 +44,9 @@ class UploadController extends Controller
protected $urlGenerator; protected $urlGenerator;
/** /**
* @var CsrfProviderInterface * @var CsrfTokenManagerInterface
*/ */
protected $csrfProvider; protected $csrfTokenManager;
/** /**
* @var TokenStorageInterface * @var TokenStorageInterface
...@@ -58,16 +58,25 @@ class UploadController extends Controller ...@@ -58,16 +58,25 @@ class UploadController extends Controller
*/ */
protected $templating; protected $templating;
/**
* UploadController constructor.
*
* @param FileManagerInterface $fileManager
* @param UrlGeneratorInterface $urlGenerator
* @param CsrfTokenManagerInterface $csrfTokenManager
* @param TokenStorageInterface $tokenStorage
* @param EngineInterface $templating
*/
public function __construct( public function __construct(
FileManagerInterface $fileManager, FileManagerInterface $fileManager,
UrlGeneratorInterface $urlGenerator, UrlGeneratorInterface $urlGenerator,
CsrfProviderInterface $csrfProvider, CsrfTokenManagerInterface $csrfTokenManager,
TokenStorageInterface $tokenStorage, TokenStorageInterface $tokenStorage,
EngineInterface $templating EngineInterface $templating
) { ) {
$this->fileManager = $fileManager; $this->fileManager = $fileManager;
$this->urlGenerator = $urlGenerator; $this->urlGenerator = $urlGenerator;
$this->csrfProvider = $csrfProvider; $this->csrfTokenManager = $csrfTokenManager;
$this->tokenStorage = $tokenStorage; $this->tokenStorage = $tokenStorage;
$this->templating = $templating; $this->templating = $templating;
} }
...@@ -249,7 +258,8 @@ class UploadController extends Controller ...@@ -249,7 +258,8 @@ class UploadController extends Controller
*/ */
protected function validateCsrfToken(Request $request) protected function validateCsrfToken(Request $request)
{ {
if (!$this->csrfProvider->isCsrfTokenValid(self::CSRF_INTENTION, $request->query->get('token', null))) { $token = $this->csrfTokenManager->getToken($request->query->get('token', null));
if (!$this->csrfTokenManager->isTokenValid($token)) {
throw new HttpException(Response::HTTP_FORBIDDEN, 'Invalid CSRF token'); throw new HttpException(Response::HTTP_FORBIDDEN, 'Invalid CSRF token');
} }
} }
......
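Review bot: The rewritten `validateCsrfToken()` no longer compares the submitted value with anything. `CsrfTokenManagerInterface::getToken()` takes a token id, so the `token` query parameter is used as an id, and the manager returns (or generates) the stored token for it, which `isTokenValid()` then accepts by construction. As written, the 403 branch looks unreachable for any supplied string, and `self::CSRF_INTENTION` is no longer used in the check. Build the token from the request instead, with `$token = new CsrfToken(self::CSRF_INTENTION, $request->query->get('token'));` and a matching `use Symfony\Component\Security\Csrf\CsrfToken;`. The code that issues the token is outside the visible hunks, so confirm it calls `getToken(self::CSRF_INTENTION)`, and add a test asserting that a request with a wrong or missing token gets HTTP 403.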