-
-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathCsrfTokenManagerInterface.php
57 lines (51 loc) · 1.7 KB
/
CsrfTokenManagerInterface.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <[email protected]>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Csrf;
/**
* Manages CSRF tokens.
*
* @author Bernhard Schussek <[email protected]>
*/
interface CsrfTokenManagerInterface
{
/**
* Returns a CSRF token for the given ID.
*
* If previously no token existed for the given ID, a new token is
* generated. Otherwise the existing token is returned (with the same value,
* not the same instance).
*
* @param string $tokenId The token ID. You may choose an arbitrary value
* for the ID
*/
public function getToken(string $tokenId): CsrfToken;
/**
* Generates a new token value for the given ID.
*
* This method will generate a new token for the given token ID, independent
* of whether a token value previously existed or not. It can be used to
* enforce once-only tokens in environments with high security needs.
*
* @param string $tokenId The token ID. You may choose an arbitrary value
* for the ID
*/
public function refreshToken(string $tokenId): CsrfToken;
/**
* Invalidates the CSRF token with the given ID, if one exists.
*
* @return string|null Returns the removed token value if one existed, NULL
* otherwise
*/
public function removeToken(string $tokenId): ?string;
/**
* Returns whether the given CSRF token is valid.
*/
public function isTokenValid(CsrfToken $token): bool;
}