3 namespace Drupal\system\Controller;
5 use Drupal\Core\Access\CsrfRequestHeaderAccessCheck;
6 use Drupal\Core\Access\CsrfTokenGenerator;
7 use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
8 use Symfony\Component\DependencyInjection\ContainerInterface;
9 use Symfony\Component\HttpFoundation\Response;
12 * Returns responses for CSRF token routes.
14 class CsrfTokenController implements ContainerInjectionInterface {
17 * The CSRF token generator.
19 * @var \Drupal\Core\Access\CsrfTokenGenerator
21 protected $tokenGenerator;
24 * Constructs a new CsrfTokenController object.
26 * @param \Drupal\Core\Access\CsrfTokenGenerator $token_generator
27 * The CSRF token generator.
29 public function __construct(CsrfTokenGenerator $token_generator) {
30 $this->tokenGenerator = $token_generator;
36 public static function create(ContainerInterface $container) {
38 $container->get('csrf_token')
43 * Returns a CSRF protecting session token.
45 * @return \Symfony\Component\HttpFoundation\Response
46 * The response object.
48 public function csrfToken() {
49 return new Response($this->tokenGenerator->get(CsrfRequestHeaderAccessCheck::TOKEN_KEY), 200, ['Content-Type' => 'text/plain']);