Value object representing a CSRF token. More...
Public Member Functions | |
| __construct ($secret, $salt, $new=false) | |
| __toString () | |
| match ($userToken, $maxAge=null) | |
| Test if the token-string matches this token. More... | |
| toString () | |
| Get the string representation of the token. More... | |
| wasNew () | |
| Indicate whether this token was just created. More... | |
Static Public Member Functions | |
| static | getTimestamp ($token) |
| Decode the timestamp from a token string. More... | |
Public Attributes | |
| const | SUFFIX = '+\\' |
| CSRF token suffix. More... | |
Protected Member Functions | |
| toStringAtTimestamp ($timestamp) | |
| Get the string representation of the token at a timestamp. More... | |
Private Attributes | |
| $new = false | |
| $salt = '' | |
| $secret = '' | |
Detailed Description
Constructor & Destructor Documentation
| MediaWiki\Session\Token::__construct | ( | $secret, | |
| $salt, | |||
$new = false |
|||
| ) |
- Parameters
-
string $secret Token secret string $salt Token salt bool $new Whether the secret was newly-created
Definition at line 46 of file Token.php.
References MediaWiki\Session\Token\$new, MediaWiki\Session\Token\$salt, and MediaWiki\Session\Token\$secret.
Member Function Documentation
| MediaWiki\Session\Token::__toString | ( | ) |
Definition at line 93 of file Token.php.
References MediaWiki\Session\Token\toString().
|
static |
Decode the timestamp from a token string.
Does not validate the token beyond the syntactic checks necessary to be able to extract the timestamp.
- Parameters
-
string $token int|null
Definition at line 61 of file Token.php.
Referenced by ApiCheckToken\execute(), User\getEditTokenTimestamp(), and MediaWiki\Session\TokenTest\testGetTimestamp().
| MediaWiki\Session\Token::match | ( | $userToken, | |
$maxAge = null |
|||
| ) |
Test if the token-string matches this token.
- Parameters
-
string $userToken int | null $maxAge Return false if $userToken is older than this many seconds
- Returns
- bool
Definition at line 103 of file Token.php.
References $timestamp, MediaWiki\Session\Token\toStringAtTimestamp(), and wfTimestamp().
| MediaWiki\Session\Token::toString | ( | ) |
Get the string representation of the token.
- Returns
- string
Definition at line 89 of file Token.php.
References MediaWiki\Session\Token\toStringAtTimestamp(), and wfTimestamp().
Referenced by MediaWiki\Session\Token\__toString().
|
protected |
Get the string representation of the token at a timestamp.
- Parameters
-
int timestamp
- Returns
- string
Definition at line 79 of file Token.php.
References $timestamp.
Referenced by MediaWiki\Session\Token\match(), and MediaWiki\Session\Token\toString().
| MediaWiki\Session\Token::wasNew | ( | ) |
Indicate whether this token was just created.
- Returns
- bool
Definition at line 121 of file Token.php.
References MediaWiki\Session\Token\$new.
Member Data Documentation
|
private |
Definition at line 39 of file Token.php.
Referenced by MediaWiki\Session\Token\__construct(), and MediaWiki\Session\Token\wasNew().
|
private |
Definition at line 38 of file Token.php.
Referenced by MediaWiki\Session\Token\__construct().
|
private |
Definition at line 37 of file Token.php.
Referenced by MediaWiki\Session\Token\__construct().
| const MediaWiki\Session\Token::SUFFIX = '+\\' |
CSRF token suffix.
Plus and terminal backslash are included to stop editing from certain broken proxies.
Definition at line 35 of file Token.php.
Referenced by ApiTestCase\doApiRequestWithToken().
The documentation for this class was generated from the following file:
- includes/session/Token.php
