Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\system\Controller;
Chris@0: 
Chris@0: use Drupal\Core\Access\CsrfRequestHeaderAccessCheck;
Chris@0: use Drupal\Core\Access\CsrfTokenGenerator;
Chris@0: use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
Chris@0: use Symfony\Component\DependencyInjection\ContainerInterface;
Chris@0: use Symfony\Component\HttpFoundation\Response;
Chris@0: 
Chris@0: /**
Chris@0:  * Returns responses for CSRF token routes.
Chris@0:  */
Chris@0: class CsrfTokenController implements ContainerInjectionInterface {
Chris@0: 
Chris@0:   /**
Chris@0:    * The CSRF token generator.
Chris@0:    *
Chris@0:    * @var \Drupal\Core\Access\CsrfTokenGenerator
Chris@0:    */
Chris@0:   protected $tokenGenerator;
Chris@0: 
Chris@0:   /**
Chris@0:    * Constructs a new CsrfTokenController object.
Chris@0:    *
Chris@0:    * @param \Drupal\Core\Access\CsrfTokenGenerator $token_generator
Chris@0:    *   The CSRF token generator.
Chris@0:    */
Chris@0:   public function __construct(CsrfTokenGenerator $token_generator) {
Chris@0:     $this->tokenGenerator = $token_generator;
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * {@inheritdoc}
Chris@0:    */
Chris@0:   public static function create(ContainerInterface $container) {
Chris@0:     return new static(
Chris@0:       $container->get('csrf_token')
Chris@0:     );
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Returns a CSRF protecting session token.
Chris@0:    *
Chris@0:    * @return \Symfony\Component\HttpFoundation\Response
Chris@0:    *   The response object.
Chris@0:    */
Chris@0:   public function csrfToken() {
Chris@0:     return new Response($this->tokenGenerator->get(CsrfRequestHeaderAccessCheck::TOKEN_KEY), 200, ['Content-Type' => 'text/plain']);
Chris@0:   }
Chris@0: 
Chris@0: }