Package org.pac4j.core.authorization.authorizer

Class CsrfAuthorizer

java.lang.Object
org.pac4j.core.authorization.authorizer.CsrfAuthorizer
All Implemented Interfaces:
Authorizer
public class CsrfAuthorizer extends Object implements Authorizer
Authorizer that checks CSRF tokens.
Since:
1.8.0
Author:
Jerome Leleu

  • Constructor Details

    • CsrfAuthorizer

      public CsrfAuthorizer()

    • CsrfAuthorizer

      public CsrfAuthorizer(String parameterName, String headerName)

    • CsrfAuthorizer

      public CsrfAuthorizer(String parameterName, String headerName, boolean checkAllRequests)

  • Method Details

    • isAuthorized

      public boolean isAuthorized(WebContext context, SessionStore sessionStore, List<UserProfile> profiles)
      Description copied from interface: Authorizer
      Checks if the user profiles and / or the current web context are authorized.
      Specified by:
      isAuthorized in interface Authorizer
      Parameters:
      context - the web context
      sessionStore - the session store
      profiles - the user profiles
      Returns:
      if the access is authorized

    • hashEquals

      protected boolean hashEquals(String a, String b)

    • getParameterName

      public String getParameterName()

    • setParameterName

      public void setParameterName(String parameterName)

    • getHeaderName

      public String getHeaderName()

    • setHeaderName

      public void setHeaderName(String headerName)

    • isCheckAllRequests

      public boolean isCheckAllRequests()

    • setCheckAllRequests

      public void setCheckAllRequests(boolean checkAllRequests)

    • toString

      public String toString()
      Overrides:
      toString in class Object