7 declare(strict_types=1);
30 private $formKeyValidator;
35 private $redirectFactory;
48 FormKeyValidator $formKeyValidator,
52 $this->formKeyValidator = $formKeyValidator;
53 $this->redirectFactory = $redirectFactory;
54 $this->appState = $appState;
63 private function validateRequest(
69 $valid = $action->validateForCsrf(
$request);
71 if ($valid ===
null) {
74 || $this->formKeyValidator->validate(
$request);
86 private function createException(
88 ActionInterface $action
89 ): InvalidRequestException {
91 if ($action instanceof CsrfAwareActionInterface) {
92 $exception = $action->createCsrfValidationException(
$request);
95 $response = $this->redirectFactory->create()
96 ->setRefererOrBaseUrl()
97 ->setHttpResponseCode(302);
99 new Phrase(
'Invalid Form Key. Please refresh the page.'),
101 $exception =
new InvalidRequestException(
$response, $messages);
115 $areaCode = $this->appState->getAreaCode();
126 $valid = $this->validateRequest(
$request, $action);
128 throw $this->createException(
$request, $action);
__construct(FormKeyValidator $formKeyValidator, RedirectFactory $redirectFactory, AppState $appState)
validate(RequestInterface $request, ActionInterface $action)