CSRF

Middleware to avoid Cross-site request forgery attacks. More info on CSRF at: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

This middleware is modeled after the double submit cookie pattern: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Double_Submit_Cookie

When a user authenticates, embedNew is used to send a random CSRF value as a cookie. (Alternatively, an authenticating service can be wrapped in withNewToken).

By default, for requests that are unsafe (PUT, POST, DELETE, PATCH), services protected by the validated method in the middleware will check that the csrf token is present in both the header headerName and the cookie cookieName. Due to the Same-Origin policy, an attacker will be unable to reproduce this value in a custom header, resulting in a 403 Forbidden response.

By default, requests with safe methods (such as GET, OPTIONS, HEAD) will have a new token embedded in them if there isn't one, or will receive a refreshed token based off of the previous token to mitigate the BREACH vulnerability. If a request contains an invalid token, regardless of whether it is a safe method, this middleware will fail it with 403 Forbidden. In this situation, your user(s) should clear their cookies for your page, to receive a new token.

The default can be overridden by modifying the predicate in validate. It will, by default, check if the method is safe. Thus, you can provide some whitelisting capability for certain kinds of requests.

We'd like to emphasize that you please follow proper design principles in creating endpoints, as to not mutate in what should otherwise be idempotent methods (i.e no dropping your DB in a GET method, or altering user data). Please do not use the CSRF protection from this middleware as a safety net for bad design.

Self Type: CSRF[F, G]

Linear Supertypes

AnyRef, Any

Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def asInstanceOf[T0]: T0

Definition Classes
Any
def checkCSRF(r: Request[G], http: F[Response[G]]): F[Response[G]]

Check for CSRF validity for an unsafe action.
def checkCSRFToken(r: Request[G], respAction: F[Response[G]], rawToken: String)(implicit F: Sync[F]): F[Response[G]]

Check for CSRF validity for an unsafe action.
Check for CSRF validity for an unsafe action.
Exposed to users in case of manual plumbing of csrf token (i.e websocket or query param)
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( ... )
def createRequestCookie(token: CSRFToken): RequestCookie
def createResponseCookie(token: CSRFToken): ResponseCookie

Create a Response cookie from a signed CSRF token
Create a Response cookie from a signed CSRF token
token
the signed csrf token
def embedInRequestCookie(r: Request[G], token: CSRFToken): Request[G]
def embedInResponseCookie(r: Response[G], token: CSRFToken): Response[G]
def embedNewInResponseCookie[M[_]](res: Response[G])(implicit arg0: Sync[M]): M[Response[G]]

Embed a token into a response *
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def equals(arg0: Any): Boolean

Definition Classes
AnyRef → Any
def extractRaw(rawToken: String): Either[CSRFCheckFailed, String]

Decode our CSRF token, check the signature and extract the original token string to sign
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
def generateToken[M[_]](implicit F: Sync[M]): M[CSRFToken]

Generate a new token *
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
def getHeaderToken(r: Request[G]): Option[String]
def hashCode(): Int

Definition Classes
AnyRef → Any
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
final def notifyAll(): Unit

Definition Classes
AnyRef
def onfailureF: F[Response[G]]
def refreshOrCreate[M[_]](r: Request[G])(implicit F: Sync[M]): EitherT[M, CSRFCheckFailed, CSRFToken]

Extract a CsrfToken, if present, from the request, then try generate a new token signature, or fail with a validation error.
Extract a CsrfToken, if present, from the request, then try generate a new token signature, or fail with a validation error. If not present, generate a new token
returns
newly refreshed token
def refreshedToken[M[_]](r: Request[G])(implicit F: Sync[M]): EitherT[M, CSRFCheckFailed, CSRFToken]

Extract a CsrfToken, if present, from the request, then try to generate a new token signature, or fail with a validation error
Extract a CsrfToken, if present, from the request, then try to generate a new token signature, or fail with a validation error
returns
newly refreshed token
def signToken[M[_]](rawToken: String)(implicit F: Sync[M]): M[CSRFToken]

Sign our token using the current time in milliseconds as a nonce Signing and generating a token is potentially a unsafe operation if constructed with a bad key.
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
def toString(): String

Definition Classes
AnyRef → Any
def validate(predicate: (Request[G]) ⇒ Boolean = _.method.isSafe): Middleware[F, Request[G], Response[G], Request[G], Response[G]]

Constructs a middleware that will check for the csrf token presence on both the proper cookie, and header values, if the predicate is not satisfied
Constructs a middleware that will check for the csrf token presence on both the proper cookie, and header values, if the predicate is not satisfied
If it is a valid token, it will then embed a new one, to effectively randomize the complete token while avoiding the generation of a new secure random Id, to guard against [BREACH](http://breachattack.com/)
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )

Related Docs: object CSRF | package middleware

final class CSRF[F[_], G[_]] extends AnyRef

Value Members

final def !=(arg0: Any): Boolean

final def ##(): Int

final def ==(arg0: Any): Boolean

final def asInstanceOf[T0]: T0

def checkCSRF(r: Request[G], http: F[Response[G]]): F[Response[G]]

def checkCSRFToken(r: Request[G], respAction: F[Response[G]], rawToken: String)(implicit F: Sync[F]): F[Response[G]]

def clone(): AnyRef

def createRequestCookie(token: CSRFToken): RequestCookie

def createResponseCookie(token: CSRFToken): ResponseCookie

def embedInRequestCookie(r: Request[G], token: CSRFToken): Request[G]

def embedInResponseCookie(r: Response[G], token: CSRFToken): Response[G]

def embedNewInResponseCookie[M[_]](res: Response[G])(implicit arg0: Sync[M]): M[Response[G]]

final def eq(arg0: AnyRef): Boolean

def equals(arg0: Any): Boolean

def extractRaw(rawToken: String): Either[CSRFCheckFailed, String]

def finalize(): Unit

def generateToken[M[_]](implicit F: Sync[M]): M[CSRFToken]

final def getClass(): Class[_]

def getHeaderToken(r: Request[G]): Option[String]

def hashCode(): Int

final def isInstanceOf[T0]: Boolean

final def ne(arg0: AnyRef): Boolean

final def notify(): Unit

final def notifyAll(): Unit

def onfailureF: F[Response[G]]

def refreshOrCreate[M[_]](r: Request[G])(implicit F: Sync[M]): EitherT[M, CSRFCheckFailed, CSRFToken]

def refreshedToken[M[_]](r: Request[G])(implicit F: Sync[M]): EitherT[M, CSRFCheckFailed, CSRFToken]

def signToken[M[_]](rawToken: String)(implicit F: Sync[M]): M[CSRFToken]

final def synchronized[T0](arg0: ⇒ T0): T0

def toString(): String

def validate(predicate: (Request[G]) ⇒ Boolean = _.method.isSafe): Middleware[F, Request[G], Response[G], Request[G], Response[G]]

final def wait(): Unit

final def wait(arg0: Long, arg1: Int): Unit

final def wait(arg0: Long): Unit

Inherited from AnyRef

Inherited from Any

Ungrouped