@Component(roles=org.xwiki.script.service.ScriptService.class) @Named(value="csrf") @Singleton public class CSRFTokenScriptService extends Object implements CSRFToken, org.xwiki.script.service.ScriptService
CSRFToken
component.Constructor and Description |
---|
CSRFTokenScriptService() |
Modifier and Type | Method and Description |
---|---|
void |
clearToken()
Removes the anti-CSRF token associated with the current user.
|
String |
getRequestURI()
Get the URI to call to trigger back the failed request.
|
String |
getResubmissionURL()
Get the URL where a failed request should be redirected to.
|
String |
getToken()
Returns the anti-CSRF token associated with the current user.
|
boolean |
isTokenValid(String token)
Check if the given
token matches the internally stored token associated with the current user. |
public String getToken()
CSRFToken
getToken
in interface CSRFToken
CSRFToken.isTokenValid(String)
public void clearToken()
CSRFToken
CSRFToken.getToken()
will generate a fresh token.clearToken
in interface CSRFToken
public boolean isTokenValid(String token)
CSRFToken
token
matches the internally stored token associated with the current user.isTokenValid
in interface CSRFToken
token
- random token from the requesttrue
if the component is disabled or the given token is correct, false
otherwisepublic String getResubmissionURL()
CSRFToken
getResubmissionURL
in interface CSRFToken
public String getRequestURI()
CSRFToken
CSRFToken.getResubmissionURL()
.getRequestURI
in interface CSRFToken
Copyright © 2004–2022 XWiki. All rights reserved.