summaryrefslogtreecommitdiffstats
path: root/lib/private/server.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/server.php')
-rw-r--r--lib/private/server.php27
1 files changed, 20 insertions, 7 deletions
diff --git a/lib/private/server.php b/lib/private/server.php
index 6e9c5ca0c68..eca7ac348ef 100644
--- a/lib/private/server.php
+++ b/lib/private/server.php
@@ -64,6 +64,9 @@ use OC\Mail\Mailer;
use OC\Notification\Manager;
use OC\Security\CertificateManager;
use OC\Security\Crypto;
+use OC\Security\CSRF\CsrfTokenGenerator;
+use OC\Security\CSRF\CsrfTokenManager;
+use OC\Security\CSRF\TokenStorage\SessionStorage;
use OC\Security\Hasher;
use OC\Security\CredentialsManager;
use OC\Security\SecureRandom;
@@ -469,12 +472,6 @@ class Server extends ServerContainer implements IServerContainer {
$urlParams = [];
}
- if ($this->getSession()->exists('requesttoken')) {
- $requestToken = $this->getSession()->get('requesttoken');
- } else {
- $requestToken = false;
- }
-
if (defined('PHPUNIT_RUN') && PHPUNIT_RUN
&& in_array('fakeinput', stream_get_wrappers())
) {
@@ -495,10 +492,10 @@ class Server extends ServerContainer implements IServerContainer {
? $_SERVER['REQUEST_METHOD']
: null,
'urlParams' => $urlParams,
- 'requesttoken' => $requestToken,
],
$this->getSecureRandom(),
$this->getConfig(),
+ $this->getCsrfTokenManager(),
$stream
);
});
@@ -588,6 +585,15 @@ class Server extends ServerContainer implements IServerContainer {
$request
);
});
+ $this->registerService('CsrfTokenManager', function (Server $c) {
+ $tokenGenerator = new CsrfTokenGenerator($c->getSecureRandom());
+ $sessionStorage = new SessionStorage($c->getSession());
+
+ return new CsrfTokenManager(
+ $tokenGenerator,
+ $sessionStorage
+ );
+ });
$this->registerService('ShareManager', function(Server $c) {
$config = $c->getConfig();
$factoryClass = $config->getSystemValue('sharing.managerFactory', '\OC\Share20\ProviderFactory');
@@ -1205,6 +1211,13 @@ class Server extends ServerContainer implements IServerContainer {
}
/**
+ * @return CsrfTokenManager
+ */
+ public function getCsrfTokenManager() {
+ return $this->query('CsrfTokenManager');
+ }
+
+ /**
* Not a public API as of 8.2, wait for 9.0
*
* @return \OCA\Files_External\Service\BackendService