diff --git a/src/CsrfMiddleware.php b/src/CsrfMiddleware.php index 6d5c35f..467712c 100644 --- a/src/CsrfMiddleware.php +++ b/src/CsrfMiddleware.php @@ -28,8 +28,18 @@ final class CsrfMiddleware implements MiddlewareInterface private string $parameterName = self::PARAMETER_NAME; private string $headerName = self::HEADER_NAME; - public function __construct(private ResponseFactoryInterface $responseFactory, private CsrfTokenInterface $token, private ?RequestHandlerInterface $failureHandler = null) - { + private ResponseFactoryInterface $responseFactory; + private CsrfTokenInterface $token; + private ?RequestHandlerInterface $failureHandler; + + public function __construct( + ResponseFactoryInterface $responseFactory, + CsrfTokenInterface $token, + RequestHandlerInterface $failureHandler = null + ) { + $this->responseFactory = $responseFactory; + $this->token = $token; + $this->failureHandler = $failureHandler; } public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface diff --git a/src/Hmac/HmacCsrfToken.php b/src/Hmac/HmacCsrfToken.php index b695767..b7aeabc 100644 --- a/src/Hmac/HmacCsrfToken.php +++ b/src/Hmac/HmacCsrfToken.php @@ -24,21 +24,29 @@ */ final class HmacCsrfToken implements CsrfTokenInterface { + private CsrfTokenIdentityGeneratorInterface $identityGenerator; private Mac $mac; + /** + * @var string Shared secret key used to generate the hash. + */ + private string $secretKey; + + /** + * @var int|null Number of seconds that the token is valid for. + */ + private ?int $lifetime; + public function __construct( - private CsrfTokenIdentityGeneratorInterface $identityGenerator, - /** - * @var string Shared secret key used to generate the hash. - */ - private string $secretKey, + CsrfTokenIdentityGeneratorInterface $identityGenerator, + string $secretKey, string $algorithm = 'sha256', - /** - * @var int|null Number of seconds that the token is valid for. - */ - private ?int $lifetime = null + ?int $lifetime = null ) { + $this->identityGenerator = $identityGenerator; $this->mac = new Mac($algorithm); + $this->secretKey = $secretKey; + $this->lifetime = $lifetime; } public function getValue(): string @@ -83,7 +91,7 @@ private function extractData(string $token): ?array $this->secretKey, true ); - } catch (DataIsTamperedException) { + } catch (DataIsTamperedException $e) { return null; } diff --git a/src/Hmac/IdentityGenerator/SessionCsrfTokenIdentityGenerator.php b/src/Hmac/IdentityGenerator/SessionCsrfTokenIdentityGenerator.php index 4223f31..cfd240f 100644 --- a/src/Hmac/IdentityGenerator/SessionCsrfTokenIdentityGenerator.php +++ b/src/Hmac/IdentityGenerator/SessionCsrfTokenIdentityGenerator.php @@ -11,8 +11,11 @@ */ final class SessionCsrfTokenIdentityGenerator implements CsrfTokenIdentityGeneratorInterface { - public function __construct(private SessionInterface $session) + private SessionInterface $session; + + public function __construct(SessionInterface $session) { + $this->session = $session; } public function generate(): string diff --git a/src/MaskedCsrfToken.php b/src/MaskedCsrfToken.php index 6008b06..2498a8e 100644 --- a/src/MaskedCsrfToken.php +++ b/src/MaskedCsrfToken.php @@ -14,8 +14,11 @@ */ final class MaskedCsrfToken implements CsrfTokenInterface { - public function __construct(private CsrfTokenInterface $token) + private CsrfTokenInterface $token; + + public function __construct(CsrfTokenInterface $token) { + $this->token = $token; } public function getValue(): string diff --git a/src/Synchronizer/Generator/RandomCsrfTokenGenerator.php b/src/Synchronizer/Generator/RandomCsrfTokenGenerator.php index 3cfe839..1faac8c 100644 --- a/src/Synchronizer/Generator/RandomCsrfTokenGenerator.php +++ b/src/Synchronizer/Generator/RandomCsrfTokenGenerator.php @@ -11,8 +11,11 @@ */ final class RandomCsrfTokenGenerator implements CsrfTokenGeneratorInterface { - public function __construct(private int $length = 32) + private int $length; + + public function __construct(int $length = 32) { + $this->length = $length; } public function generate(): string diff --git a/src/Synchronizer/Storage/SessionCsrfTokenStorage.php b/src/Synchronizer/Storage/SessionCsrfTokenStorage.php index 22ee800..db47458 100644 --- a/src/Synchronizer/Storage/SessionCsrfTokenStorage.php +++ b/src/Synchronizer/Storage/SessionCsrfTokenStorage.php @@ -15,11 +15,20 @@ class SessionCsrfTokenStorage implements CsrfTokenStorageInterface { public const KEY = '_csrf'; + /** + * @var string Session key used to store data. + */ + private string $key; + + private SessionInterface $session; + /** * @param string $key Session key used to store data. Default is "_csrf". */ - public function __construct(private SessionInterface $session, private string $key = self::KEY) + public function __construct(SessionInterface $session, string $key = self::KEY) { + $this->key = $key; + $this->session = $session; } public function get(): ?string diff --git a/src/Synchronizer/SynchronizerCsrfToken.php b/src/Synchronizer/SynchronizerCsrfToken.php index ca99d1d..36f8ff9 100644 --- a/src/Synchronizer/SynchronizerCsrfToken.php +++ b/src/Synchronizer/SynchronizerCsrfToken.php @@ -21,8 +21,15 @@ */ final class SynchronizerCsrfToken implements CsrfTokenInterface { - public function __construct(private CsrfTokenGeneratorInterface $generator, private CsrfTokenStorageInterface $storage) - { + private CsrfTokenGeneratorInterface $generator; + private CsrfTokenStorageInterface $storage; + + public function __construct( + CsrfTokenGeneratorInterface $generator, + CsrfTokenStorageInterface $storage + ) { + $this->generator = $generator; + $this->storage = $storage; } public function getValue(): string diff --git a/tests/Hmac/IdentityGenerator/MockCsrfTokenIdentityGenerator.php b/tests/Hmac/IdentityGenerator/MockCsrfTokenIdentityGenerator.php index 0f4f7ed..11c3514 100644 --- a/tests/Hmac/IdentityGenerator/MockCsrfTokenIdentityGenerator.php +++ b/tests/Hmac/IdentityGenerator/MockCsrfTokenIdentityGenerator.php @@ -8,8 +8,11 @@ final class MockCsrfTokenIdentityGenerator implements CsrfTokenIdentityGeneratorInterface { - public function __construct(private string $identity) + private string $identity; + + public function __construct(string $identity) { + $this->identity = $identity; } public function generate(): string