Class CsrfAuthorizer
- java.lang.Object
-
- org.pac4j.core.authorization.authorizer.CsrfAuthorizer
-
- All Implemented Interfaces:
Authorizer
public class CsrfAuthorizer extends java.lang.Object implements Authorizer
Authorizer that checks CSRF tokens.- Since:
- 1.8.0
- Author:
- Jerome Leleu
-
-
Constructor Summary
Constructors Constructor Description CsrfAuthorizer()
CsrfAuthorizer(java.lang.String parameterName, java.lang.String headerName)
CsrfAuthorizer(java.lang.String parameterName, java.lang.String headerName, boolean checkAllRequests)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getHeaderName()
java.lang.String
getParameterName()
protected boolean
hashEquals(java.lang.String a, java.lang.String b)
boolean
isAuthorized(WebContext context, SessionStore sessionStore, java.util.List<UserProfile> profiles)
Checks if the user profiles and / or the current web context are authorized.boolean
isCheckAllRequests()
void
setCheckAllRequests(boolean checkAllRequests)
void
setHeaderName(java.lang.String headerName)
void
setParameterName(java.lang.String parameterName)
java.lang.String
toString()
-
-
-
Method Detail
-
isAuthorized
public boolean isAuthorized(WebContext context, SessionStore sessionStore, java.util.List<UserProfile> profiles)
Description copied from interface:Authorizer
Checks if the user profiles and / or the current web context are authorized.- Specified by:
isAuthorized
in interfaceAuthorizer
- Parameters:
context
- the web contextsessionStore
- the session storeprofiles
- the user profiles- Returns:
- if the access is authorized
-
hashEquals
protected boolean hashEquals(java.lang.String a, java.lang.String b)
-
getParameterName
public java.lang.String getParameterName()
-
setParameterName
public void setParameterName(java.lang.String parameterName)
-
getHeaderName
public java.lang.String getHeaderName()
-
setHeaderName
public void setHeaderName(java.lang.String headerName)
-
isCheckAllRequests
public boolean isCheckAllRequests()
-
setCheckAllRequests
public void setCheckAllRequests(boolean checkAllRequests)
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-