class DenyTestAuthRequests

Same name in other branches
  1. 8.9.x core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests
  2. 10 core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests
  3. 11.x core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests

Cache policy for pages requested with REST Test Auth.

This policy disallows caching of requests that use the REST Test Auth authentication provider for security reasons (just like basic_auth). Otherwise responses for authenticated requests can get into the page cache and could be delivered to unprivileged users.

Hierarchy

Expanded class hierarchy of DenyTestAuthRequests

See also

\Drupal\rest_test\Authentication\Provider\TestAuth

\Drupal\rest_test\Authentication\Provider\TestAuthGlobal

\Drupal\basic_auth\PageCache\DisallowBasicAuthRequests

1 string reference to 'DenyTestAuthRequests'
rest_test.services.yml in core/modules/rest/tests/modules/rest_test/rest_test.services.yml
core/modules/rest/tests/modules/rest_test/rest_test.services.yml
1 service uses DenyTestAuthRequests
rest_test.page_cache_request_policy.deny_test_auth_requests in core/modules/rest/tests/modules/rest_test/rest_test.services.yml
Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests

File

core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php, line 20

Namespace

Drupal\rest_test\PageCache\RequestPolicy
View source
class DenyTestAuthRequests implements RequestPolicyInterface {
    
    /**
     * {@inheritdoc}
     */
    public function check(Request $request) {
        if ($request->headers
            ->has('REST-test-auth') || $request->headers
            ->has('REST-test-auth-global')) {
            return self::DENY;
        }
    }

}

Members

Title Sort descending Modifiers Object type Summary Overriden Title
DenyTestAuthRequests::check public function Determines whether delivery of a cached page should be attempted. Overrides RequestPolicyInterface::check
RequestPolicyInterface::ALLOW constant Allow delivery of cached pages.
RequestPolicyInterface::DENY constant Deny delivery of cached pages.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.