Package org.apache.nifi.web.security.csrf

Class StandardCsrfTokenRequestAttributeHandler

java.lang.Object
org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler
org.apache.nifi.web.security.csrf.StandardCsrfTokenRequestAttributeHandler
All Implemented Interfaces:
org.springframework.security.web.csrf.CsrfTokenRequestHandler, org.springframework.security.web.csrf.CsrfTokenRequestResolver
public class StandardCsrfTokenRequestAttributeHandler extends org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler
Cross-Site Request Forgery Mitigation Token Handler implementation supporting resolution using Request Header

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private final org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler
    handler
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    StandardCsrfTokenRequestAttributeHandler()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Supplier<org.springframework.security.web.csrf.CsrfToken> csrfTokenSupplier)
    Handle Request using standard Spring Security implementation
    String
    resolveCsrfTokenValue(jakarta.servlet.http.HttpServletRequest request, org.springframework.security.web.csrf.CsrfToken csrfToken)
    Resolve CSRF Token Value from HTTP Request Header

    Methods inherited from class org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler

    setCsrfRequestAttributeName

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • handler

      private final org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler handler

  • Constructor Details

    • StandardCsrfTokenRequestAttributeHandler

      public StandardCsrfTokenRequestAttributeHandler()

  • Method Details

    • handle

      public void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Supplier<org.springframework.security.web.csrf.CsrfToken> csrfTokenSupplier)
      Handle Request using standard Spring Security implementation
      Specified by:
      handle in interface org.springframework.security.web.csrf.CsrfTokenRequestHandler
      Overrides:
      handle in class org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler
      Parameters:
      request - HTTP Servlet Request being handled
      response - HTTP Servlet Response being handled
      csrfTokenSupplier - Supplier for CSRF Token

    • resolveCsrfTokenValue

      public String resolveCsrfTokenValue(jakarta.servlet.http.HttpServletRequest request, org.springframework.security.web.csrf.CsrfToken csrfToken)
      Resolve CSRF Token Value from HTTP Request Header
      Parameters:
      request - HTTP Servlet Request being processed
      csrfToken - CSRF Token created from a CSRF Token Repository
      Returns:
      Token Value from Request Header or null when not found