<?php
/**
 * @license MIT, http://opensource.org/licenses/MIT
 * @copyright Aimeos (aimeos.org), 2020
 * @package symfony
 * @subpackage EventListener
 */
namespace Aimeos\ShopBundle\EventListener;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\DependencyInjection\Container;
/**
 * Kernel request event listener checking CSRF tokens
 *
 * @package symfony
 * @subpackage EventListener
 */
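class CsrfListener
{
	private $container;


	/**
	 * Initializes the object
	 *
	 * @param Container $container Dependency injection container
	 */
	public function __construct( Container $container )
	{
		$this->container = $container;
	}


	/**
	 * Handles the kernel request
	 *
	 * Only the master request is checked and only for state-changing HTTP
	 * methods (POST, PUT, PATCH, DELETE). The session CSRF token named
	 * "_token" is compared with the "_token" request parameter; if they
	 * differ, a 419 "Page expired" response is set on the event so the
	 * request is answered without reaching the controller. A missing
	 * parameter casts to an empty string and therefore never matches.
	 *
	 * @param RequestEvent $event Request event object
	 */
	public function onKernelRequest( RequestEvent $event )
	{
		$request = $event->getRequest();

		// strict in_array(): the method name must be one of these exact strings
		if( !$event->isMasterRequest()
			|| !in_array( $request->getMethod(), ['POST', 'PUT', 'PATCH', 'DELETE'], true ) ) {
			return;
		}

		$sessionToken = $this->container->get( 'security.csrf.token_manager' )->getToken( '_token' );
		$requestToken = (string) $request->request->get( '_token' );

		// hash_equals() compares the two strings in constant time, so the
		// secret token can't be narrowed down byte by byte via response timing;
		// the truthiness guard on $sessionToken is kept from the original code
		if( $sessionToken && !hash_equals( (string) $sessionToken, $requestToken ) ) {
			$event->setResponse( new Response( 'Page expired', 419 ) );
		}
	}
}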