123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 |
- <?php
- declare(strict_types=1);
- namespace OC\Core\Controller;
- use OC\Security\CSRF\CsrfTokenManager;
- use OCP\AppFramework\Controller;
- use OCP\AppFramework\Http;
- use OCP\AppFramework\Http\Attribute\FrontpageRoute;
- use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
- use OCP\AppFramework\Http\Attribute\PublicPage;
- use OCP\AppFramework\Http\JSONResponse;
- use OCP\IRequest;
- class CSRFTokenController extends Controller {
- public function __construct(
- string $appName,
- IRequest $request,
- private CsrfTokenManager $tokenManager,
- ) {
- parent::__construct($appName, $request);
- }
-
-
-
-
- public function index(): JSONResponse {
- if (!$this->request->passesStrictCookieCheck()) {
- return new JSONResponse([], Http::STATUS_FORBIDDEN);
- }
- $requestToken = $this->tokenManager->getToken();
- return new JSONResponse([
- 'token' => $requestToken->getEncryptedValue(),
- ]);
- }
- }
|