Fr3nch13/CakePHP Utilities

EncryptedCookieMiddleware
in package
implements MiddlewareInterface uses CookieCryptTrait

Middleware for encrypting & decrypting cookies.

This middleware layer will encrypt/decrypt the named cookies with the given key and cipher type. To support multiple keys/cipher types use this middleware multiple times.

Cookies in request data will be decrypted, while cookies in response headers will be encrypted automatically. If the response is a , the cookie data set with withCookie() and `cookie()`` will also be encrypted.

The encryption types and padding are compatible with those used by CookieComponent for backwards compatibility.

Table of Contents

Interfaces

MiddlewareInterface
Participant in processing a server request and response.

Properties

$_validCiphers  : array<string|int, string>
Valid cipher names for encrypted cookies.
$cipherType  : string
Encryption type.
$cookieNames  : array<string|int, string>
The list of cookies to encrypt/decrypt
$key  : string
Encryption key to use.

Methods

__construct()  : mixed
Constructor
process()  : ResponseInterface
Apply cookie encryption/decryption.
_checkCipher()  : void
Helper method for validating encryption cipher names.
_decode()  : array<string|int, mixed>|string
Decodes and decrypts a single value.
_decrypt()  : array<string|int, mixed>|string
Decrypts $value using public $type method in Security class
_encrypt()  : string
Encrypts $value using public $type method in Security class
_explode()  : array<string|int, mixed>|string
Explode method to return array from string set in CookieComponent::_implode() Maintains reading backwards compatibility with 1.x CookieComponent::_implode().
_getCookieEncryptionKey()  : string
Fetch the cookie encryption key.
_implode()  : string
Implode method to keep keys are multidimensional arrays
decodeCookies()  : ServerRequestInterface
Decode cookies from the request.
encodeCookies()  : Response
Encode cookies from a response's CookieCollection.
encodeSetCookieHeader()  : ResponseInterface
Encode cookies from a response's Set-Cookie header

Properties

$_validCiphers

Valid cipher names for encrypted cookies.

protected array<string|int, string> $_validCiphers = ['aes']

Methods

__construct()

Constructor

public __construct(array<string|int, string> $cookieNames, string $key[, string $cipherType = 'aes' ]) : mixed
Parameters
$cookieNames : array<string|int, string>

The list of cookie names that should have their values encrypted.

$key : string

The encryption key to use.

$cipherType : string = 'aes'

The cipher type to use. Defaults to 'aes'.

_checkCipher()

Helper method for validating encryption cipher names.

protected _checkCipher(string $encrypt) : void
Parameters
$encrypt : string

The cipher name.

Tags
throws
RuntimeException

When an invalid cipher is provided.

_decode()

Decodes and decrypts a single value.

protected _decode(string $value, string|false $encrypt, string|null $key) : array<string|int, mixed>|string
Parameters
$value : string

The value to decode & decrypt.

$encrypt : string|false

The encryption cipher to use.

$key : string|null

Used as the security salt if specified.

Return values
array<string|int, mixed>|string

Decoded values.

_decrypt()

Decrypts $value using public $type method in Security class

protected _decrypt(array<string|int, string>|string $values, string|false $mode[, string|null $key = null ]) : array<string|int, mixed>|string
Parameters
$values : array<string|int, string>|string

Values to decrypt

$mode : string|false

Encryption mode

$key : string|null = null

Used as the security salt if specified.

Return values
array<string|int, mixed>|string

Decrypted values

_encrypt()

Encrypts $value using public $type method in Security class

protected _encrypt(array<string|int, mixed>|string $value, string|false $encrypt[, string|null $key = null ]) : string
Parameters
$value : array<string|int, mixed>|string

Value to encrypt

$encrypt : string|false

Encryption mode to use. False disabled encryption.

$key : string|null = null

Used as the security salt if specified.

Return values
string

Encoded values

_explode()

Explode method to return array from string set in CookieComponent::_implode() Maintains reading backwards compatibility with 1.x CookieComponent::_implode().

protected _explode(string $string) : array<string|int, mixed>|string
Parameters
$string : string

A string containing JSON encoded data, or a bare string.

Return values
array<string|int, mixed>|string

Map of key and values

_getCookieEncryptionKey()

Fetch the cookie encryption key.

protected _getCookieEncryptionKey() : string

Part of the CookieCryptTrait implementation.

Return values
string

_implode()

Implode method to keep keys are multidimensional arrays

protected _implode(array<string|int, mixed> $array) : string
Parameters
$array : array<string|int, mixed>

Map of key and values

Return values
string

A JSON encoded string.


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results