ILIAS  trunk Revision v11.0_alpha-1715-g7fc467680fb
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
Public Member Functions | Protected Member Functions
ilCtrlTokenRepository Class Reference

Class ilCtrlTokenRepository. More...

+ Inheritance diagram for ilCtrlTokenRepository:
+ Collaboration diagram for ilCtrlTokenRepository:

Public Member Functions

 getToken ()
 

Protected Member Functions

 fetchToken ()
 Returns the currently stored token from the session. More...
 
 storeToken (ilCtrlTokenInterface $token)
 Stores the given token in the curren session. More...
 
 generateToken ()
 Returns a cryptographically secure token. More...
 

Detailed Description

Class ilCtrlTokenRepository.

Author
Thibeau Fuhrer thf@s.nosp@m.tude.nosp@m.r-rai.nosp@m.mann.nosp@m..ch

Definition at line 26 of file class.ilCtrlTokenRepository.php.

Member Function Documentation

◆ fetchToken()

ilCtrlTokenRepository::fetchToken ( )
protected

Returns the currently stored token from the session.

Returns
ilCtrlTokenInterface|null

Definition at line 45 of file class.ilCtrlTokenRepository.php.

References ilSession\get(), ilSession\has(), null, and ilCtrlInterface\PARAM_CSRF_TOKEN.

Referenced by getToken().

45  : ?ilCtrlTokenInterface
46  {
47  if (ilSession::has(ilCtrlInterface::PARAM_CSRF_TOKEN)) {
48  return unserialize(ilSession::get(ilCtrlInterface::PARAM_CSRF_TOKEN), [ilCtrlTokenInterface::class]);
49  }
50 
51  return null;
52  }
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:401
ilCtrlInterface\PARAM_CSRF_TOKEN
const PARAM_CSRF_TOKEN
$_GET request parameter names, used throughout ilCtrl.
Definition: interface.ilCtrlInterface.php:37
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilSession\has
static has($a_var)
Definition: class.ilSession.php:406
ilCtrlTokenInterface
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilCtrlTokenInterface.php:24
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ generateToken()

ilCtrlTokenRepository::generateToken ( )
protected

Returns a cryptographically secure token.

Returns
ilCtrlToken

Definition at line 69 of file class.ilCtrlTokenRepository.php.

References $token.

Referenced by getToken().

69  : ilCtrlTokenInterface
70  {
71  // random_bytes() is cryptographically secure but
72  // depends on the system it's running on. If the
73  // generation fails, we use a less secure option
74  // that is available for sure.
75 
76  try {
77  $token = bin2hex(random_bytes(32));
78  } catch (Throwable $t) {
79  $token = md5(uniqid((string) time(), true));
80  }
81 
82  return new ilCtrlToken($token);
83  }
ilCtrlToken
Class ilCtrlToken is responsible for generating and storing unique CSRF tokens.
Definition: class.ilCtrlToken.php:27
$token
$token
Definition: xapitoken.php:70
ilCtrlTokenInterface
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilCtrlTokenInterface.php:24
+ Here is the caller graph for this function:

◆ getToken()

ilCtrlTokenRepository::getToken ( )

Implements ilCtrlTokenRepositoryInterface.

Definition at line 31 of file class.ilCtrlTokenRepository.php.

References $token, fetchToken(), generateToken(), and storeToken().

31  : ilCtrlTokenInterface
32  {
33  $token = $this->fetchToken() ?? $this->generateToken();
34 
35  $this->storeToken($token);
36 
37  return $token;
38  }
ilCtrlTokenRepository\fetchToken
fetchToken()
Returns the currently stored token from the session.
Definition: class.ilCtrlTokenRepository.php:45
ilCtrlTokenRepository\storeToken
storeToken(ilCtrlTokenInterface $token)
Stores the given token in the curren session.
Definition: class.ilCtrlTokenRepository.php:59
$token
$token
Definition: xapitoken.php:70
ilCtrlTokenInterface
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilCtrlTokenInterface.php:24
ilCtrlTokenRepository\generateToken
generateToken()
Returns a cryptographically secure token.
Definition: class.ilCtrlTokenRepository.php:69
+ Here is the call graph for this function:

◆ storeToken()

ilCtrlTokenRepository::storeToken ( ilCtrlTokenInterface  $token)
protected

Stores the given token in the curren session.

Parameters
ilCtrlTokenInterface$token

Definition at line 59 of file class.ilCtrlTokenRepository.php.

References ilCtrlInterface\PARAM_CSRF_TOKEN, and ilSession\set().

Referenced by getToken().

59  : void
60  {
61  ilSession::set(ilCtrlInterface::PARAM_CSRF_TOKEN, serialize($token));
62  }
ilCtrlInterface\PARAM_CSRF_TOKEN
const PARAM_CSRF_TOKEN
$_GET request parameter names, used throughout ilCtrl.
Definition: interface.ilCtrlInterface.php:37
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:393
+ Here is the call graph for this function:
+ Here is the caller graph for this function:
The documentation for this class was generated from the following file: