class CartLinkToken in Commerce Add To Cart Link 2.x
Same name and namespace in other branches
- 8 src/CartLinkToken.php \Drupal\commerce_add_to_cart_link\CartLinkToken
Default cart link token service implementation.
Hierarchy
- class \Drupal\commerce_add_to_cart_link\CartLinkToken implements CartLinkTokenInterface
Expanded class hierarchy of CartLinkToken
1 string reference to 'CartLinkToken'
1 service uses CartLinkToken
File
- src/
CartLinkToken.php, line 15
Namespace
Drupal\commerce_add_to_cart_linkView source
class CartLinkToken implements CartLinkTokenInterface {
/**
* The module configuration.
*
* @var \Drupal\Core\Config\Config
*/
protected $config;
/**
* The current user.
*
* @var \Drupal\Core\Session\AccountProxyInterface
*/
protected $currentUser;
/**
* The Drupal private key.
*
* @var \Drupal\Core\PrivateKey
*/
protected $privateKey;
/**
* Constructs a new CartLinkToken object.
*
* @param \Drupal\Core\Session\AccountInterface $current_user
* The current user.
* @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
* The config factory.
* @param \Drupal\Core\PrivateKey $private_key
* The Drupal private key.
*/
public function __construct(AccountInterface $current_user, ConfigFactoryInterface $config_factory, PrivateKey $private_key) {
$this->config = $config_factory
->get('commerce_add_to_cart_link.settings');
$this->currentUser = $current_user;
$this->privateKey = $private_key;
}
/**
* {@inheritdoc}
*/
public function generate(ProductVariationInterface $variation) {
if (!$this
->needsCsrfProtection($this->currentUser)) {
return '';
}
$value = $this
->generateTokenValue($variation);
return substr(Crypt::hmacBase64($value, $this->privateKey
->get() . $this
->getHashSalt()), 0, 16);
}
/**
* {@inheritdoc}
*/
public function validate(ProductVariationInterface $variation, string $token) {
if (!$this
->needsCsrfProtection($this->currentUser)) {
return TRUE;
}
$value = $this
->generate($variation);
return hash_equals($value, $token);
}
/**
* {@inheritdoc}
*/
public function needsCsrfProtection(AccountInterface $account = NULL) {
if (is_null($account)) {
$account = $this->currentUser;
}
$csrf_protected_roles = $this->config
->get('csrf_token.roles');
if (empty($csrf_protected_roles)) {
return FALSE;
}
return !empty(array_intersect($csrf_protected_roles, $account
->getRoles()));
}
/**
* Generates the value used for the token generation.
*
* @param \Drupal\commerce_product\Entity\ProductVariationInterface $variation
* The product variation.
*
* @return string
* The value used for the token generation.
*/
protected function generateTokenValue(ProductVariationInterface $variation) {
return sprintf('cart_link:%s:%s', $variation
->getProductId(), $variation
->id());
}
/**
* Gets a salt useful for hardening against SQL injection.
*
* @return string
* A salt based on information in settings.php, not in the database.
*
* @throws \RuntimeException
*/
protected function getHashSalt() {
return Settings::getHashSalt();
}
}
Members
Name![]() |
Modifiers | Type | Description | Overrides |
---|---|---|---|---|
CartLinkToken:: |
protected | property | The module configuration. | |
CartLinkToken:: |
protected | property | The current user. | |
CartLinkToken:: |
protected | property | The Drupal private key. | |
CartLinkToken:: |
public | function |
Generates a token for the given product variation. Overrides CartLinkTokenInterface:: |
|
CartLinkToken:: |
protected | function | Generates the value used for the token generation. | |
CartLinkToken:: |
protected | function | Gets a salt useful for hardening against SQL injection. | |
CartLinkToken:: |
public | function |
Checks whether the given user account needs CSRF protection. Overrides CartLinkTokenInterface:: |
|
CartLinkToken:: |
public | function |
Checks the given token for the given variation for validity. Overrides CartLinkTokenInterface:: |
|
CartLinkToken:: |
public | function | Constructs a new CartLinkToken object. |