Rev 1116 | Rev 1130 | ||
---|---|---|---|
Line 59... | Line 59... | ||
59 | 59 | ||
60 | /** |
60 | /** |
61 | * @return string |
61 | * @return string |
62 | * @throws OIDplusException |
62 | * @throws OIDplusException |
63 | */ |
63 | */ |
64 | public function getAuthMethod() { |
64 | public function getAuthMethod(): string { |
65 | $acs = $this->getAuthContentStore(); |
65 | $acs = $this->getAuthContentStore(); |
66 | if (is_null($acs)) return 'null'; |
66 | if (is_null($acs)) return 'null'; |
67 | return get_class($acs); |
67 | return get_class($acs); |
68 | } |
68 | } |
69 | 69 | ||
Line 440... | Line 440... | ||
440 | * @throws OIDplusException |
440 | * @throws OIDplusException |
441 | */ |
441 | */ |
442 | public function checkCSRF() { |
442 | public function checkCSRF() { |
443 | if (!$this->enable_csrf) return; |
443 | if (!$this->enable_csrf) return; |
444 | 444 | ||
445 | $request_token = isset($_REQUEST['csrf_token']) ? $_REQUEST['csrf_token'] : ''; |
445 | $request_token = $_REQUEST['csrf_token'] ?? ''; |
446 | $cookie_token = isset($_COOKIE['csrf_token']) ? $_COOKIE['csrf_token'] : ''; |
446 | $cookie_token = $_COOKIE['csrf_token'] ?? ''; |
447 | 447 | ||
448 | if (empty($request_token) || empty($cookie_token) || ($request_token !== $cookie_token)) { |
448 | if (empty($request_token) || empty($cookie_token) || ($request_token !== $cookie_token)) { |
449 | if (OIDplus::baseConfig()->getValue('DEBUG')) { |
449 | if (OIDplus::baseConfig()->getValue('DEBUG')) { |
450 | throw new OIDplusException(_L('Missing or wrong CSRF Token: Request %1 vs Cookie %2', |
450 | throw new OIDplusException(_L('Missing or wrong CSRF Token: Request %1 vs Cookie %2', |
451 | isset($_REQUEST['csrf_token']) ? '"'.$_REQUEST['csrf_token'].'"' : 'NULL', |
451 | isset($_REQUEST['csrf_token']) ? '"'.$_REQUEST['csrf_token'].'"' : 'NULL', |
452 | isset($_COOKIE['csrf_token']) ? $_COOKIE['csrf_token'] : 'NULL' |
452 | $_COOKIE['csrf_token'] ?? 'NULL' |
453 | )); |
453 | )); |
454 | } else { |
454 | } else { |
455 | throw new OIDplusException(_L('Missing or wrong "CSRF Token". To fix the issue, try clearing your browser cache and reload the page. If you visited the page via HTTPS before, try HTTPS in case you are currently connected via HTTP.')); |
455 | throw new OIDplusException(_L('Missing or wrong "CSRF Token". To fix the issue, try clearing your browser cache and reload the page. If you visited the page via HTTPS before, try HTTPS in case you are currently connected via HTTP.')); |
456 | } |
456 | } |
457 | } |
457 | } |
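Review bot: The request-side token on new line 445 is still read from `$_REQUEST`, which also contains cookies when PHP's `request_order` (or, if that is unset, `variables_order`) includes `C`; in that configuration a request that carries no `csrf_token` parameter would have the cookie compared with itself, and the double-submit check on line 448 would pass. Reading the token from an explicit source avoids depending on php.ini, e.g. `$request_token = $_POST['csrf_token'] ?? $_GET['csrf_token'] ?? '';`. The comparison could then become `!is_string($request_token) || !is_string($cookie_token) || !hash_equals($cookie_token, $request_token)`, which rejects an array-valued parameter cleanly and compares in constant time. How the client submits the token is not visible in this section, so whether POST alone is enough or GET is also needed should be confirmed against the callers.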