class CsrfProtection implements RequestPatternInterface (View source)

This class holds a request pattern that decides, if csrf protection was enabled for the current request and searches for invalid csrf protection tokens.

Properties

protected Context $securityContext
protected AuthenticationManagerInterface $authenticationManager
protected ObjectManagerInterface $objectManager
protected ReflectionService $reflectionService
protected PolicyService $policyService
protected LoggerInterface $logger

Methods

void
injectLogger(LoggerInterface $logger)

Injects the (system) logger based on PSR-3.

bool
matchRequest(ActionRequest $request)

Matches an ActionRequest against the configured CSRF pattern rules and searches for invalid csrf tokens. If this returns true, the request is invalid!

bool
hasPolicyEntryForMethod(string $className, string $methodName)

No description

Details

void injectLogger(LoggerInterface $logger)

Injects the (system) logger based on PSR-3.

Parameters

LoggerInterface $logger

Return Value

void

bool matchRequest(ActionRequest $request)

Matches an ActionRequest against the configured CSRF pattern rules and searches for invalid csrf tokens. If this returns true, the request is invalid!

Parameters

ActionRequest $request

The request that should be matched

Return Value

bool

true if the pattern matched, false otherwise

Exceptions

AuthenticationRequiredException

protected bool hasPolicyEntryForMethod(string $className, string $methodName)

No description

Parameters

string $className
string $methodName

Return Value

bool