spiral /
framework
@@ -37,7 +37,7 @@ |
||
| 37 | 37 | $response = new Response('php://memory', $code, []); |
| 38 | 38 | $response = $response->withStatus($code, $reasonPhrase); |
| 39 | 39 | |
| 40 | - foreach ($this->config->getBaseHeaders() as $header => $value) { |
|
| 40 | + foreach ($this->config->getBaseHeaders() as $header => $value){ |
|
| 41 | 41 | $response = $response->withAddedHeader($header, $value); |
| 42 | 42 | } |
| 43 | 43 | |
@@ -37,7 +37,8 @@ |
||
| 37 | 37 | $response = new Response('php://memory', $code, []); |
| 38 | 38 | $response = $response->withStatus($code, $reasonPhrase); |
| 39 | 39 | |
| 40 | - foreach ($this->config->getBaseHeaders() as $header => $value) { |
|
| 40 | + foreach ($this->config->getBaseHeaders() as $header => $value) |
|
| 41 | + { |
|
| 41 | 42 | $response = $response->withAddedHeader($header, $value); |
| 42 | 43 | } |
| 43 | 44 | |
@@ -52,7 +52,7 @@ discard block |
||
| 52 | 52 | { |
| 53 | 53 | $core = $this->httpCore([CsrfMiddleware::class]); |
| 54 | 54 | $core->setHandler( |
| 55 | - static function ($r) { |
|
| 55 | + static function ($r){ |
|
| 56 | 56 | return $r->getAttribute(CsrfMiddleware::ATTRIBUTE); |
| 57 | 57 | } |
| 58 | 58 | ); |
@@ -82,7 +82,7 @@ discard block |
||
| 82 | 82 | |
| 83 | 83 | $core = $this->httpCore([CsrfMiddleware::class]); |
| 84 | 84 | $core->setHandler( |
| 85 | - static function () { |
|
| 85 | + static function (){ |
|
| 86 | 86 | return 'all good'; |
| 87 | 87 | } |
| 88 | 88 | ); |
@@ -94,7 +94,7 @@ discard block |
||
| 94 | 94 | { |
| 95 | 95 | $core = $this->httpCore([CsrfMiddleware::class, CsrfFirewall::class]); |
| 96 | 96 | $core->setHandler( |
| 97 | - static function () { |
|
| 97 | + static function (){ |
|
| 98 | 98 | return 'all good'; |
| 99 | 99 | } |
| 100 | 100 | ); |
@@ -108,7 +108,7 @@ discard block |
||
| 108 | 108 | $this->expectException(\LogicException::class); |
| 109 | 109 | $core = $this->httpCore([CsrfFirewall::class]); |
| 110 | 110 | $core->setHandler( |
| 111 | - static function () { |
|
| 111 | + static function (){ |
|
| 112 | 112 | return 'all good'; |
| 113 | 113 | } |
| 114 | 114 | ); |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | { |
| 121 | 121 | $core = $this->httpCore([CsrfMiddleware::class, CsrfFirewall::class]); |
| 122 | 122 | $core->setHandler( |
| 123 | - static function () { |
|
| 123 | + static function (){ |
|
| 124 | 124 | return 'all good'; |
| 125 | 125 | } |
| 126 | 126 | ); |
@@ -153,7 +153,7 @@ discard block |
||
| 153 | 153 | { |
| 154 | 154 | $core = $this->httpCore([CsrfMiddleware::class, CsrfFirewall::class]); |
| 155 | 155 | $core->setHandler( |
| 156 | - static function () { |
|
| 156 | + static function (){ |
|
| 157 | 157 | return 'all good'; |
| 158 | 158 | } |
| 159 | 159 | ); |
@@ -186,7 +186,7 @@ discard block |
||
| 186 | 186 | { |
| 187 | 187 | $core = $this->httpCore([CsrfMiddleware::class, StrictCsrfFirewall::class]); |
| 188 | 188 | $core->setHandler( |
| 189 | - static function () { |
|
| 189 | + static function (){ |
|
| 190 | 190 | return 'all good'; |
| 191 | 191 | } |
| 192 | 192 | ); |
@@ -277,10 +277,10 @@ discard block |
||
| 277 | 277 | { |
| 278 | 278 | $result = []; |
| 279 | 279 | |
| 280 | - foreach ($response->getHeaders() as $header) { |
|
| 281 | - foreach ($header as $headerLine) { |
|
| 280 | + foreach ($response->getHeaders() as $header){ |
|
| 281 | + foreach ($header as $headerLine){ |
|
| 282 | 282 | $chunk = explode(';', $headerLine); |
| 283 | - if (!count($chunk) || mb_strpos($chunk[0], '=') === false) { |
|
| 283 | + if (!count($chunk) || mb_strpos($chunk[0], '=') === false){ |
|
| 284 | 284 | continue; |
| 285 | 285 | } |
| 286 | 286 | |
@@ -52,7 +52,8 @@ discard block |
||
| 52 | 52 | { |
| 53 | 53 | $core = $this->httpCore([CsrfMiddleware::class]); |
| 54 | 54 | $core->setHandler( |
| 55 | - static function ($r) { |
|
| 55 | + static function ($r) |
|
| 56 | + { |
|
| 56 | 57 | return $r->getAttribute(CsrfMiddleware::ATTRIBUTE); |
| 57 | 58 | } |
| 58 | 59 | ); |
@@ -82,7 +83,8 @@ discard block |
||
| 82 | 83 | |
| 83 | 84 | $core = $this->httpCore([CsrfMiddleware::class]); |
| 84 | 85 | $core->setHandler( |
| 85 | - static function () { |
|
| 86 | + static function () |
|
| 87 | + { |
|
| 86 | 88 | return 'all good'; |
| 87 | 89 | } |
| 88 | 90 | ); |
@@ -94,7 +96,8 @@ discard block |
||
| 94 | 96 | { |
| 95 | 97 | $core = $this->httpCore([CsrfMiddleware::class, CsrfFirewall::class]); |
| 96 | 98 | $core->setHandler( |
| 97 | - static function () { |
|
| 99 | + static function () |
|
| 100 | + { |
|
| 98 | 101 | return 'all good'; |
| 99 | 102 | } |
| 100 | 103 | ); |
@@ -108,7 +111,8 @@ discard block |
||
| 108 | 111 | $this->expectException(\LogicException::class); |
| 109 | 112 | $core = $this->httpCore([CsrfFirewall::class]); |
| 110 | 113 | $core->setHandler( |
| 111 | - static function () { |
|
| 114 | + static function () |
|
| 115 | + { |
|
| 112 | 116 | return 'all good'; |
| 113 | 117 | } |
| 114 | 118 | ); |
@@ -120,7 +124,8 @@ discard block |
||
| 120 | 124 | { |
| 121 | 125 | $core = $this->httpCore([CsrfMiddleware::class, CsrfFirewall::class]); |
| 122 | 126 | $core->setHandler( |
| 123 | - static function () { |
|
| 127 | + static function () |
|
| 128 | + { |
|
| 124 | 129 | return 'all good'; |
| 125 | 130 | } |
| 126 | 131 | ); |
@@ -153,7 +158,8 @@ discard block |
||
| 153 | 158 | { |
| 154 | 159 | $core = $this->httpCore([CsrfMiddleware::class, CsrfFirewall::class]); |
| 155 | 160 | $core->setHandler( |
| 156 | - static function () { |
|
| 161 | + static function () |
|
| 162 | + { |
|
| 157 | 163 | return 'all good'; |
| 158 | 164 | } |
| 159 | 165 | ); |
@@ -186,7 +192,8 @@ discard block |
||
| 186 | 192 | { |
| 187 | 193 | $core = $this->httpCore([CsrfMiddleware::class, StrictCsrfFirewall::class]); |
| 188 | 194 | $core->setHandler( |
| 189 | - static function () { |
|
| 195 | + static function () |
|
| 196 | + { |
|
| 190 | 197 | return 'all good'; |
| 191 | 198 | } |
| 192 | 199 | ); |
@@ -277,10 +284,13 @@ discard block |
||
| 277 | 284 | { |
| 278 | 285 | $result = []; |
| 279 | 286 | |
| 280 | - foreach ($response->getHeaders() as $header) { |
|
| 281 | - foreach ($header as $headerLine) { |
|
| 287 | + foreach ($response->getHeaders() as $header) |
|
| 288 | + { |
|
| 289 | + foreach ($header as $headerLine) |
|
| 290 | + { |
|
| 282 | 291 | $chunk = explode(';', $headerLine); |
| 283 | - if (!count($chunk) || mb_strpos($chunk[0], '=') === false) { |
|
| 292 | + if (!count($chunk) || mb_strpos($chunk[0], '=') === false) |
|
| 293 | + { |
|
| 284 | 294 | continue; |
| 285 | 295 | } |
| 286 | 296 | |
@@ -46,9 +46,9 @@ discard block |
||
| 46 | 46 | */ |
| 47 | 47 | public function process(Request $request, RequestHandlerInterface $handler): Response |
| 48 | 48 | { |
| 49 | - if (isset($request->getCookieParams()[$this->config->getCookie()])) { |
|
| 49 | + if (isset($request->getCookieParams()[$this->config->getCookie()])){ |
|
| 50 | 50 | $token = $request->getCookieParams()[$this->config->getCookie()]; |
| 51 | - } else { |
|
| 51 | + }else{ |
|
| 52 | 52 | //Making new token |
| 53 | 53 | $token = $this->random($this->config->getTokenLength()); |
| 54 | 54 | |
@@ -59,7 +59,7 @@ discard block |
||
| 59 | 59 | //CSRF issues must be handled by Firewall middleware |
| 60 | 60 | $response = $handler->handle($request->withAttribute(static::ATTRIBUTE, $token)); |
| 61 | 61 | |
| 62 | - if (!empty($cookie)) { |
|
| 62 | + if (!empty($cookie)){ |
|
| 63 | 63 | return $response->withAddedHeader('Set-Cookie', $cookie); |
| 64 | 64 | } |
| 65 | 65 | |
@@ -94,11 +94,11 @@ discard block |
||
| 94 | 94 | */ |
| 95 | 95 | private function random(int $length = 32): string |
| 96 | 96 | { |
| 97 | - try { |
|
| 98 | - if (empty($string = random_bytes($length))) { |
|
| 97 | + try{ |
|
| 98 | + if (empty($string = random_bytes($length))){ |
|
| 99 | 99 | throw new \RuntimeException('Unable to generate random string'); |
| 100 | 100 | } |
| 101 | - } catch (\Throwable $e) { |
|
| 101 | + }catch (\Throwable $e){ |
|
| 102 | 102 | throw new \RuntimeException('Unable to generate random string', $e->getCode(), $e); |
| 103 | 103 | } |
| 104 | 104 | |
@@ -46,9 +46,12 @@ discard block |
||
| 46 | 46 | */ |
| 47 | 47 | public function process(Request $request, RequestHandlerInterface $handler): Response |
| 48 | 48 | { |
| 49 | - if (isset($request->getCookieParams()[$this->config->getCookie()])) { |
|
| 49 | + if (isset($request->getCookieParams()[$this->config->getCookie()])) |
|
| 50 | + { |
|
| 50 | 51 | $token = $request->getCookieParams()[$this->config->getCookie()]; |
| 51 | - } else { |
|
| 52 | + } |
|
| 53 | + else |
|
| 54 | + { |
|
| 52 | 55 | //Making new token |
| 53 | 56 | $token = $this->random($this->config->getTokenLength()); |
| 54 | 57 | |
@@ -59,7 +62,8 @@ discard block |
||
| 59 | 62 | //CSRF issues must be handled by Firewall middleware |
| 60 | 63 | $response = $handler->handle($request->withAttribute(static::ATTRIBUTE, $token)); |
| 61 | 64 | |
| 62 | - if (!empty($cookie)) { |
|
| 65 | + if (!empty($cookie)) |
|
| 66 | + { |
|
| 63 | 67 | return $response->withAddedHeader('Set-Cookie', $cookie); |
| 64 | 68 | } |
| 65 | 69 | |
@@ -94,11 +98,15 @@ discard block |
||
| 94 | 98 | */ |
| 95 | 99 | private function random(int $length = 32): string |
| 96 | 100 | { |
| 97 | - try { |
|
| 98 | - if (empty($string = random_bytes($length))) { |
|
| 101 | + try |
|
| 102 | + { |
|
| 103 | + if (empty($string = random_bytes($length))) |
|
| 104 | + { |
|
| 99 | 105 | throw new \RuntimeException('Unable to generate random string'); |
| 100 | 106 | } |
| 101 | - } catch (\Throwable $e) { |
|
| 107 | + } |
|
| 108 | + catch (\Throwable $e) |
|
| 109 | + { |
|
| 102 | 110 | throw new \RuntimeException('Unable to generate random string', $e->getCode(), $e); |
| 103 | 111 | } |
| 104 | 112 | |
@@ -61,11 +61,11 @@ discard block |
||
| 61 | 61 | { |
| 62 | 62 | $token = $request->getAttribute(CsrfMiddleware::ATTRIBUTE); |
| 63 | 63 | |
| 64 | - if (empty($token)) { |
|
| 64 | + if (empty($token)){ |
|
| 65 | 65 | throw new \LogicException('Unable to apply CSRF firewall, attribute is missing'); |
| 66 | 66 | } |
| 67 | 67 | |
| 68 | - if ($this->isRequired($request) && !hash_equals($token, $this->fetchToken($request))) { |
|
| 68 | + if ($this->isRequired($request) && !hash_equals($token, $this->fetchToken($request))){ |
|
| 69 | 69 | return $this->responseFactory->createResponse(412, 'Bad CSRF Token'); |
| 70 | 70 | } |
| 71 | 71 | |
@@ -91,12 +91,12 @@ discard block |
||
| 91 | 91 | */ |
| 92 | 92 | protected function fetchToken(Request $request): string |
| 93 | 93 | { |
| 94 | - if ($request->hasHeader(self::HEADER)) { |
|
| 94 | + if ($request->hasHeader(self::HEADER)){ |
|
| 95 | 95 | return (string)$request->getHeaderLine(self::HEADER); |
| 96 | 96 | } |
| 97 | 97 | |
| 98 | 98 | $data = $request->getParsedBody(); |
| 99 | - if (is_array($data) && isset($data[self::PARAMETER]) && is_string($data[self::PARAMETER])) { |
|
| 99 | + if (is_array($data) && isset($data[self::PARAMETER]) && is_string($data[self::PARAMETER])){ |
|
| 100 | 100 | return $data[self::PARAMETER]; |
| 101 | 101 | } |
| 102 | 102 | |
@@ -61,11 +61,13 @@ discard block |
||
| 61 | 61 | { |
| 62 | 62 | $token = $request->getAttribute(CsrfMiddleware::ATTRIBUTE); |
| 63 | 63 | |
| 64 | - if (empty($token)) { |
|
| 64 | + if (empty($token)) |
|
| 65 | + { |
|
| 65 | 66 | throw new \LogicException('Unable to apply CSRF firewall, attribute is missing'); |
| 66 | 67 | } |
| 67 | 68 | |
| 68 | - if ($this->isRequired($request) && !hash_equals($token, $this->fetchToken($request))) { |
|
| 69 | + if ($this->isRequired($request) && !hash_equals($token, $this->fetchToken($request))) |
|
| 70 | + { |
|
| 69 | 71 | return $this->responseFactory->createResponse(412, 'Bad CSRF Token'); |
| 70 | 72 | } |
| 71 | 73 | |
@@ -91,12 +93,14 @@ discard block |
||
| 91 | 93 | */ |
| 92 | 94 | protected function fetchToken(Request $request): string |
| 93 | 95 | { |
| 94 | - if ($request->hasHeader(self::HEADER)) { |
|
| 96 | + if ($request->hasHeader(self::HEADER)) |
|
| 97 | + { |
|
| 95 | 98 | return (string)$request->getHeaderLine(self::HEADER); |
| 96 | 99 | } |
| 97 | 100 | |
| 98 | 101 | $data = $request->getParsedBody(); |
| 99 | - if (is_array($data) && isset($data[self::PARAMETER]) && is_string($data[self::PARAMETER])) { |
|
| 102 | + if (is_array($data) && isset($data[self::PARAMETER]) && is_string($data[self::PARAMETER])) |
|
| 103 | + { |
|
| 100 | 104 | return $data[self::PARAMETER]; |
| 101 | 105 | } |
| 102 | 106 | |
