8000 Use class_alias and dump composer versions · symfony/symfony@03741e1 · GitHub
[go: up one dir, main page]
Skip to content

Commit 03741e1

Browse files
alexander-schranzalexander-schranz
committed
Use class_alias and dump composer versions
1 parent cc6d3f0 commit 03741e1

File tree

7 files changed

+107
-127
lines changed

7 files changed

+107
-127
lines changed

src/Symfony/Bridge/Twig/composer.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@
3131
"symfony/form": "^6.3|^7.0",
3232
"symfony/html-sanitizer": "^6.1|^7.0",
3333
"symfony/http-foundation": "^5.4|^6.0|^7.0",
34-
"symfony/http-kernel": "^6.2|^7.0",
34+
"symfony/http-kernel": "^6.4|^7.0",
3535
"symfony/intl": "^5.4|^6.0|^7.0",
3636
"symfony/mime": "^6.2|^7.0",
3737
"symfony/polyfill-intl-icu": "~1.0",
@@ -59,7 +59,7 @@
5959
"symfony/console": "<5.4",
6060
"symfony/form": "<6.3",
6161
"symfony/http-foundation": "<5.4",
62-
"symfony/http-kernel": "<6.2",
62+
"symfony/http-kernel": "<6.4",
6363
"symfony/mime": "<6.2",
6464
"symfony/serializer": "<6.2",
6565
"symfony/translation": "<5.4",

src/Symfony/Component/HttpFoundation/CHANGELOG.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,12 +4,12 @@ CHANGELOG
44
6.4
55
---
66

7+
* Add `UriSigner`
78
* Make `HeaderBag::getDate()`, `Response::getDate()`, `getExpires()` and `getLastModified()` return a `DateTimeImmutable`
89

910
6.3
1011
---
1112

12-
* Add `UriSigner` from HttpKernel
1313
* Calling `ParameterBag::getDigit()`, `getAlnum()`, `getAlpha()` on an `array` throws a `UnexpectedValueException` instead of a `TypeError`
1414
* Add `ParameterBag::getString()` to convert a parameter into string and throw an exception if the value is invalid
1515
* Add `ParameterBag::getEnum()`

src/Symfony/Component/HttpFoundation/Tests/UriSignerTest.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,9 @@
1515
use Symfony\Component\HttpFoundation\Request;
1616
use Symfony\Component\HttpFoundation\UriSigner;
1717

18+
/**
19+
* @group legacy
20+
*/
1821
class UriSignerTest extends TestCase
1922
{
2023
public function testSign()

src/Symfony/Component/HttpFoundation/UriSigner.php

Lines changed: 84 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,21 +11,101 @@
1111

1212
namespace Symfony\Component\HttpFoundation;
1313

14-
use Symfony\Component\HttpKernel\UriSigner as HttpKernelUriSigner;
15-
1614
/**
1715
* Signs URIs.
1816
*
1917
* @author Fabien Potencier <fabien@symfony.com>
2018
*/
21-
class UriSigner extends HttpKernelUriSigner
19+
class UriSigner
2220
{
21+
private string $secret;
22+
private string $parameter;
23+
2324
/**
2425
* @param string $secret A secret
2526
* @param string $parameter Query string parameter to use
2627
*/
2728
public function __construct(#[\SensitiveParameter] string $secret, string $parameter = '_hash')
2829
{
29-
parent::__construct($secret, $parameter, true);
30+
$this->secret = $secret;
31+
$this->parameter = $parameter;
3032
}
33+
34+
/**
35+
* Signs a URI.
36+
*
37+
* The given URI is signed by adding the query string parameter
38+
* which value depends on the URI and the secret.
39+
*/
40+
public function sign(string $uri): string
41+
{
42+
$url = parse_url($uri);
43+
$params = [];
44+
45+
if (isset($url['query'])) {
46+
parse_str($url['query'], $params);
47+
}
48+
49+
$uri = $this->buildUrl($url, $params);
50+
$params[$this->parameter] = $this->computeHash($uri);
51+
52+
return $this->buildUrl($url, $params);
53+
}
54+
55+
/**
56+
* Checks that a URI contains the correct hash.
57+
*/
58+
public function check(string $uri): bool
59+
{
60+
$url = parse_url($uri);
61+
$params = [];
62+
63+
if (isset($url['query'])) {
64+
parse_str($url['query'], $params);
65+
}
66+
67+
if (empty($params[$this->parameter])) {
68+
return false;
69+
}
70+
71+
$hash = $params[$this->parameter];
72+
unset($params[$this->parameter]);
73+
74+
return hash_equals($this->computeHash($this->buildUrl($url, $params)), $hash);
75+
}
76+
77+
public function checkRequest(Request $request): bool
78+
{
79+
$qs = ($qs = $request->server->get('QUERY_STRING')) ? '?'.$qs : '';
80+
81+
// we cannot use $request->getUri() here as we want to work with the original URI (no query string reordering)
82+
return $this->check($request->getSchemeAndHttpHost().$request->getBaseUrl().$request->getPathInfo().$qs);
83+
}
84+
85+
private function computeHash(string $uri): string
86+
{
87+
return base64_encode(hash_hmac('sha256', $uri, $this->secret, true));
88+
}
89+
90+
private function buildUrl(array $url, array $params = []): string
91+
{
92+
ksort($params, \SORT_STRING);
93+
$url['query'] = http_build_query($params, '', '&');
94+
95+
$scheme = isset($url['scheme']) ? $url['scheme'].'://' : '';
96+
$host = $url['host'] ?? '';
97+
$port = isset($url['port']) ? ':'.$url['port'] : '';
98+
$user = $url['user'] ?? '';
99+
$pass = isset($url['pass']) ? ':'.$url['pass'] : '';
100+
$pass = ($user || $pass) ? "$pass@" : '';
101+
$path = $url['path'] ?? '';
102+
$query = $url['query'] ? '?'.$url['query'] : '';
103+
$fragment = isset($url['fragment']) ? '#'.$url['fragment'] : '';
104+
105+
return $scheme.$user.$pass.$host.$port.$path.$query.$fragment;
106+
}
107+
}
108+
109+
if (!class_exists(\Symfony\Component\HttpKernel\UriSigner::class, false)) {
110+
class_alias(UriSigner::class, \Symfony\Component\HttpKernel\UriSigner::class);
31111
}

src/Symfony/Component/HttpKernel/UriSigner.php

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,15 +11,28 @@
1111

1212
namespace Symfony\Component\HttpKernel;
1313

14-
use Symfony\Component\HttpFoundation\Request;
1514
use Symfony\Component\HttpFoundation\UriSigner as HttpFoundationUriSigner;
1615

16+
trigger_deprecation('symfony/dependency-injection', '6.4', 'The "%s" class is deprecated, use "%s" instead.', self::class, HttpFoundationUriSigner::class);
17+
18+
class_exists(HttpFoundationUriSigner::class);
19+
20+
if (false) {
21+
/**
22+
* @deprecated since Symfony 6.4, to be removed in 7.0. Use symfony/http-foundation UriSigner instead.
23+
*/
24+
class UriSigner
25+
{
26+
}
27+
}
28+
29+
1730
/**
1831
* Signs URIs.
1932
*
2033
* @author Fabien Potencier <fabien@symfony.com>
2134
*
22-
* @deprecated since Symfony 6.3, use {@link HttpFoundationUriSigner} instead
35+
* @deprecated since Symfony 6.4, use {@link HttpFoundationUriSigner} instead
2336
*/
2437
class UriSigner
2538
{
@@ -36,7 +49,7 @@ public function __construct(#[\SensitiveParameter] string $secret, string $param
3649
$this->parameter = $parameter;
3750

3851
if ($skipDeprecation) {
39-
trigger_deprecation('symfony/dependency-injection', '6.3', 'The "%s" class is deprecated, use "%s" instead.', self::class, HttpFoundationUriSigner::class);
52+
trigger_deprecation('symfony/dependency-injection', '6.4', 'The "%s" class is deprecated, use "%s" instead.', self::class, HttpFoundationUriSigner::class);
4053
}
4154
}
4255

src/Symfony/Component/HttpKernel/UriSigner.php.orig

Lines changed: 0 additions & 116 deletions
This file was deleted.

src/Symfony/Component/HttpKernel/composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@
2020
"symfony/deprecation-contracts": "^2.5|^3",
2121
"symfony/error-handler": "^6.4|^7.0",
2222
"symfony/event-dispatcher": "^5.4|^6.0|^7.0",
23-
"symfony/http-foundation": "^6.2.7|^7.0",
23+
"symfony/http-foundation": "^6.4|^7.0",
2424
"symfony/polyfill-ctype": "^1.8",
2525
"psr/log": "^1|^2|^3"
2626
},

0 commit comments

Comments
 (0)
0