Class CsrfAuthorizer
java.lang.Object
org.pac4j.core.authorization.authorizer.CsrfAuthorizer
- All Implemented Interfaces:
Authorizer
Authorizer that checks CSRF tokens.
- Since:
- 1.8.0
- Author:
- Jerome Leleu
-
Constructor Summary
ConstructorDescriptionCsrfAuthorizer
(String parameterName, String headerName) CsrfAuthorizer
(String parameterName, String headerName, boolean checkAllRequests) -
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
hashEquals
(String a, String b) boolean
isAuthorized
(WebContext context, SessionStore sessionStore, List<UserProfile> profiles) Checks if the user profiles and / or the current web context are authorized.
-
Constructor Details
-
CsrfAuthorizer
public CsrfAuthorizer() -
CsrfAuthorizer
-
CsrfAuthorizer
-
-
Method Details
-
isAuthorized
public boolean isAuthorized(WebContext context, SessionStore sessionStore, List<UserProfile> profiles) Description copied from interface:Authorizer
Checks if the user profiles and / or the current web context are authorized.- Specified by:
isAuthorized
in interfaceAuthorizer
- Parameters:
context
- the web contextsessionStore
- the session storeprofiles
- the user profiles- Returns:
- if the access is authorized
-
hashEquals
-