Ubiquity 2.5.2
php rapid development framework
Loading...
Searching...
No Matches
CsrfManager.php
Go to the documentation of this file.
1<?php
2namespace Ubiquity\security\csrf;
3
4use Ubiquity\security\csrf\storages\TokenStorageInterface;
5use Ubiquity\security\csrf\storages\SessionTokenStorage;
6use Ubiquity\security\csrf\generators\Md5Selector;
7use Ubiquity\security\csrf\generators\GeneratorInterface;
8use Ubiquity\security\csrf\generators\RandomValidator;
9
18class CsrfManager {
19
24 private static $selector;
25
30 private static $validator;
31
36 private static $storage;
37
38 public static function start(TokenStorageInterface $storage = null, GeneratorInterface $selector = null, GeneratorInterface $validator = null) {
39 self::$selector = $selector ?? new Md5Selector();
40 self::$validator = $validator ?? new RandomValidator();
41 self::$storage = $storage ?? new SessionTokenStorage();
42 }
43
50 public static function getToken($name) {
51 $id = self::$selector->generate($name);
52 if (self::$storage->exists($id)) {
53 $value = self::$storage->get($id);
54 } else {
55 $value = self::$validator->generate();
56 self::$storage->set($id, $value);
57 }
58 return new UToken($id, $value);
59 }
60
67 public static function removeToken(string $name): ?string {
68 return self::$storage->remove(self::$selector->generate($name));
69 }
70
78 public static function isValid(string $id, string $value): bool {
79 if (! self::$storage->exists($id)) {
80 return false;
81 }
82
83 return hash_equals(self::$storage->get($id), $value);
84 }
85
93 public static function isValidByName(string $name, string $value): bool {
94 return self::isValid(self::$selector->generate($name), $value);
95 }
96
103 public static function getSelector(string $name): string {
104 return self::$selector->generate($name);
105 }
106
113 public static function generateValue(?string $value = null): string {
114 return self::$validator->generate($value);
115 }
116
117 public static function getValidatorClass(): string {
118 return \get_class(self::$validator);
119 }
120
121 public static function getSelectorClass(): string {
122 return \get_class(self::$selector);
123 }
124
125 public static function getStorageClass(): string {
126 return \get_class(self::$storage);
127 }
128
129 public static function isStarted(): bool {
130 return isset(self::$storage);
131 }
132}
133
Ubiquity\security\csrf\CsrfManager
Ubiquity\security\csrf$CsrfManager This class is part of Ubiquity.
Definition CsrfManager.php:18
Ubiquity\security\csrf\CsrfManager\removeToken
static removeToken(string $name)
Remove an existing token.
Definition CsrfManager.php:67
Ubiquity\security\csrf\CsrfManager\isValidByName
static isValidByName(string $name, string $value)
Returns whether the given CSRF token is valid, given his name.
Definition CsrfManager.php:93
Ubiquity\security\csrf\CsrfManager\getSelector
static getSelector(string $name)
Return a selector corresponding to a name, using the active selector.
Definition CsrfManager.php:103
Ubiquity\security\csrf\CsrfManager\isValid
static isValid(string $id, string $value)
Returns whether the given CSRF token is valid, given his id.
Definition CsrfManager.php:78
Ubiquity\security\csrf\CsrfManager\start
static start(TokenStorageInterface $storage=null, GeneratorInterface $selector=null, GeneratorInterface $validator=null)
Definition CsrfManager.php:38
Ubiquity\security\csrf\CsrfManager\getToken
static getToken($name)
Generates or retrieve and return a token.
Definition CsrfManager.php:50
Ubiquity\security\csrf\CsrfManager\generateValue
static generateValue(?string $value=null)
Generates a token value using the active validator.
Definition CsrfManager.php:113