DefaultXsrfTokenService (Atlassian Confluence 6.6.0 API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- com.atlassian.confluence.security.service.DefaultXsrfTokenService

All Implemented Interfaces:

XsrfTokenService
```
public class DefaultXsrfTokenService
extends Object
implements XsrfTokenService
```
This implementation unfortunately duplicates the logic of XsrfTokenInterceptor as a proper adaption turns out too complex due to the extensive use of ThreadLocals in the underlying code.

Constructor Summary

Constructors
Constructor and Description

DefaultXsrfTokenService(com.atlassian.xwork.XsrfTokenGenerator tokenGenerator)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`com.atlassian.fugue.Pair<String,String>`	`generate(javax.servlet.http.HttpServletRequest request)` Generate and bind a token pair to the session.
`com.atlassian.fugue.Maybe<Message>`	`validate(javax.servlet.http.HttpServletRequest request)` Validate if the given request contains the token bound to the request's session.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - DefaultXsrfTokenService
```
public DefaultXsrfTokenService(com.atlassian.xwork.XsrfTokenGenerator tokenGenerator)
```
- Method Detail
  - generate
```
public com.atlassian.fugue.Pair<String,String> generate(javax.servlet.http.HttpServletRequest request)
```
    Description copied from interface: XsrfTokenService
    
    Generate and bind a token pair to the session.
    
    Specified by:
    
    generate in interface XsrfTokenService
    
    Parameters:
    
    request - the request used to identify the session, will be created if none is present
    
    Returns:
    
    a token pair to be used for the modifying request, containing the parameter key in the left part and the token value in the right part
  - validate
```
public com.atlassian.fugue.Maybe<Message> validate(javax.servlet.http.HttpServletRequest request)
```
    Description copied from interface: XsrfTokenService
    
    Validate if the given request contains the token bound to the request's session.
    
    Specified by:
    
    validate in interface XsrfTokenService
    
    Parameters:
    
    request - the request used to identify the session and containing the token parameter
    
    Returns:
    
    maybe error messages, thus Maybe.isEmpty() indicates a successful flow

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2003–2017 Atlassian. All rights reserved.