Revert "Issue #2201919 by damiankloip: Replace drupal_get_hash_salt() with direct Settings call in CsrfTokenGenerator."
This reverts commit aad87a80b1.
8.0.x
Nathaniel Catchpole
parent
aad87a80b1
commit
dad0245d7d
|
|
@ -460,9 +460,9 @@ services:
|
|||
arguments: ['@state']
|
||||
csrf_token:
|
||||
class: Drupal\Core\Access\CsrfTokenGenerator
|
||||
arguments: ['@private_key', '@settings']
|
||||
arguments: ['@private_key']
|
||||
calls:
|
||||
- [setCurrentUser, ['@?current_user=']]
|
||||
- [setCurrentUser, ['@?current_user']]
|
||||
access_manager:
|
||||
class: Drupal\Core\Access\AccessManager
|
||||
arguments: ['@router.route_provider', '@url_generator', '@paramconverter_manager']
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@
|
|||
namespace Drupal\Core\Access;
|
||||
|
||||
use Drupal\Component\Utility\Crypt;
|
||||
use Drupal\Component\Utility\Settings;
|
||||
use Drupal\Core\PrivateKey;
|
||||
use Drupal\Core\Session\AccountInterface;
|
||||
|
||||
|
|
@ -33,24 +32,14 @@ class CsrfTokenGenerator {
|
|||
*/
|
||||
protected $currentUser;
|
||||
|
||||
/**
|
||||
* The settings instance.
|
||||
*
|
||||
* @var \Drupal\Component\Utility\Settings
|
||||
*/
|
||||
protected $settings;
|
||||
|
||||
/**
|
||||
* Constructs the token generator.
|
||||
*
|
||||
* @param \Drupal\Core\PrivateKey $private_key
|
||||
* The private key service.
|
||||
* @param \Drupal\Component\Utility\Settings $settings
|
||||
* The settings instance.
|
||||
*/
|
||||
public function __construct(PrivateKey $private_key, Settings $settings) {
|
||||
public function __construct(PrivateKey $private_key) {
|
||||
$this->privateKey = $private_key;
|
||||
$this->settings = $settings;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -83,7 +72,7 @@ class CsrfTokenGenerator {
|
|||
* @see drupal_session_start()
|
||||
*/
|
||||
public function get($value = '') {
|
||||
return Crypt::hmacBase64($value, session_id() . $this->privateKey->get() . $this->settings->get('hash_salt'));
|
||||
return Crypt::hmacBase64($value, session_id() . $this->privateKey->get() . drupal_get_hash_salt());
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -5,12 +5,12 @@
|
|||
* Contains \Drupal\Tests\Core\Access\CsrfTokenGeneratorTest.
|
||||
*/
|
||||
|
||||
namespace Drupal\Tests\Core\Access;
|
||||
namespace Drupal\Tests\Core\Access {
|
||||
|
||||
use Drupal\Tests\UnitTestCase;
|
||||
use Drupal\Core\Access\CsrfTokenGenerator;
|
||||
use Drupal\Component\Utility\Crypt;
|
||||
use Drupal\Component\Utility\Settings;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
|
||||
/**
|
||||
* Tests the CSRF token generator.
|
||||
|
|
@ -48,7 +48,7 @@ class CsrfTokenGeneratorTest extends UnitTestCase {
|
|||
->method('get')
|
||||
->will($this->returnValue($this->key));
|
||||
|
||||
$this->generator = new CsrfTokenGenerator($private_key, new Settings(array('hash_salt' => 'test')));
|
||||
$this->generator = new CsrfTokenGenerator($private_key);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -153,3 +153,16 @@ class CsrfTokenGeneratorTest extends UnitTestCase {
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @todo Remove this when https://drupal.org/node/2036259 is resolved.
|
||||
*/
|
||||
namespace {
|
||||
if (!function_exists('drupal_get_hash_salt')) {
|
||||
function drupal_get_hash_salt() {
|
||||
return hash('sha256', 'test_hash_salt');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue