fixup! Add support for dynamic CSRF id in IsCsrfTokenValid

yguedidi · yguedidi · commit 7db4866341dc · 2024-04-04T05:18:10.000+02:00
diff --git a/src/Symfony/Component/Security/Http/EventListener/IsCsrfTokenValidAttributeListener.php b/src/Symfony/Component/Security/Http/EventListener/IsCsrfTokenValidAttributeListener.php
@@ -44,7 +44,7 @@ public function onKernelControllerArguments(ControllerArgumentsEvent $event): vo
         $arguments = $event->getNamedArguments();
 
         foreach ($attributes as $attribute) {
-            $id = $this->getIsCsrfTokenValidId($attribute->id, $request, $arguments);
+            $id = $this->getTokenId($attribute->id, $request, $arguments);
 
             if (!$this->csrfTokenManager->isTokenValid(new CsrfToken($id, $request->request->getString($attribute->tokenKey)))) {
                 throw new InvalidCsrfTokenException('Invalid CSRF token.');
@@ -57,7 +57,7 @@ public static function getSubscribedEvents(): array
         return [KernelEvents::CONTROLLER_ARGUMENTS => ['onKernelControllerArguments', 25]];
     }
 
-    private function getIsCsrfTokenValidId(string|Expression $id, Request $request, array $arguments): string
+    private function getTokenId(string|Expression $id, Request $request, array $arguments): string
     {
         if (!$id instanceof Expression) {
             return $id;

Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ public function onKernelControllerArguments(ControllerArgumentsEvent $event): vo`
`44`	`44`	`$arguments = $event->getNamedArguments();`
`45`	`45`
`46`	`46`	`foreach ($attributes as $attribute) {`
`47`		`- $id = $this->getIsCsrfTokenValidId($attribute->id, $request, $arguments);`
	`47`	`+ $id = $this->getTokenId($attribute->id, $request, $arguments);`
`48`	`48`
`49`	`49`	`if (!$this->csrfTokenManager->isTokenValid(new CsrfToken($id, $request->request->getString($attribute->tokenKey)))) {`
`50`	`50`	`throw new InvalidCsrfTokenException('Invalid CSRF token.');`
`@@ -57,7 +57,7 @@ public static function getSubscribedEvents(): array`
`57`	`57`	`return [KernelEvents::CONTROLLER_ARGUMENTS => ['onKernelControllerArguments', 25]];`
`58`	`58`	`}`
`59`	`59`
`60`		`- private function getIsCsrfTokenValidId(string\|Expression $id, Request $request, array $arguments): string`
	`60`	`+ private function getTokenId(string\|Expression $id, Request $request, array $arguments): string`
`61`	`61`	`{`
`62`	`62`	`if (!$id instanceof Expression) {`
`63`	`63`	`return $id;`