List of usage examples for org.springframework.security.web.csrf DefaultCsrfToken DefaultCsrfToken
public DefaultCsrfToken(String headerName, String parameterName, String token)
From source file:au.gov.dto.dibp.appointments.security.csrf.CookieBasedCsrfTokenRepository.java
@Override public CsrfToken generateToken(HttpServletRequest request) { String tokenValue = new BigInteger(130, secureRandom).toString(32); // http://stackoverflow.com/a/41156 return new DefaultCsrfToken(CSRF_HEADER_NAME, CSRF_COOKIE_AND_PARAMETER_NAME, tokenValue); }
From source file:au.gov.dto.springframework.security.web.csrf.CookieCsrfTokenRepository.java
@Override public CsrfToken generateToken(HttpServletRequest request) { String tokenValue = new BigInteger(130, secureRandom).toString(32); // http://stackoverflow.com/a/41156 return new DefaultCsrfToken(csrfHeaderName, csrfParameterName, tokenValue); }
From source file:au.gov.dto.dibp.appointments.security.csrf.CookieBasedCsrfTokenRepository.java
@Override public CsrfToken loadToken(HttpServletRequest request) { if (request.getCookies() != null) { for (Cookie cookie : request.getCookies()) { if (cookie != null && CSRF_COOKIE_AND_PARAMETER_NAME.equals(cookie.getName())) { return new DefaultCsrfToken(CSRF_HEADER_NAME, CSRF_COOKIE_AND_PARAMETER_NAME, cookie.getValue()); }/*from w ww . j a va2 s . c o m*/ } } return null; }
From source file:au.gov.dto.springframework.security.web.csrf.CookieCsrfTokenRepository.java
@Override public CsrfToken loadToken(HttpServletRequest request) { if (request.getCookies() != null) { for (Cookie cookie : request.getCookies()) { if (cookie != null && csrfCookieName.equals(cookie.getName())) { return new DefaultCsrfToken(csrfHeaderName, csrfParameterName, cookie.getValue()); }//w w w . j a v a 2 s . c o m } } return null; }
From source file:org.appverse.web.framework.backend.test.util.frontfacade.mvc.tests.predefined.TestCsrfTokenRepository.java
@Override public CsrfToken generateToken(HttpServletRequest request) { return new DefaultCsrfToken(headerName, parameterName, defaultTestCsrfTokenValue); }
From source file:com.foilen.smalltools.spring.security.CookiesGeneratedCsrfTokenRepository.java
@Override public CsrfToken generateToken(HttpServletRequest request) { AssertTools.assertNotNull(salt, "You must set the salt"); AssertTools.assertFalse(cookieNames.isEmpty(), "You must set at least one cookie"); // Search all the cookies Map<String, String> valuesByName = new HashMap<>(); Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (cookieNames.contains(cookie.getName())) { String previousValue = valuesByName.put(cookie.getName(), cookie.getValue()); if (previousValue != null) { throw new SmallToolsException( "The cookie with name " + cookie.getName() + " contains more than one value"); }// w w w . ja v a 2 s. c o m } } } // Generate the token StringBuilder allValues = new StringBuilder(salt); for (String cookieName : cookieNames) { String cookieValue = valuesByName.get(cookieName); logger.debug("Adding cookie {} with value {}", cookieName, cookieValue); allValues.append(cookieName).append(cookieValue); } String token = HashSha256.hashString(allValues.toString()); logger.debug("Token is {}", token); return new DefaultCsrfToken(HEADER_NAME, PARAMETER_NAME, token); }
From source file:com.erudika.para.security.CachedCsrfTokenRepository.java
/** * Generates a CSRF token string./*from ww w.j a v a2 s .c o m*/ * @param request HTTP request * @return a new token */ public CsrfToken generateToken(HttpServletRequest request) { return new DefaultCsrfToken(headerName, parameterName, new UUID().toString()); }