Package org.pac4j.core.authorization.authorizer.csrf

Class CsrfTokenGeneratorAuthorizer

  • All Implemented Interfaces:
    Authorizer<UserProfile>
    public class CsrfTokenGeneratorAuthorizer
extends Object
implements Authorizer<UserProfile>
    Authorizer which creates a new CSRF token and adds it as a request attribute and as a cookie (AngularJS).
    Since:
    1.8.1
    Author:
    Jerome Leleu

    • Constructor Detail

      • CsrfTokenGeneratorAuthorizer

        public CsrfTokenGeneratorAuthorizer​(CsrfTokenGenerator csrfTokenGenerator)

    • Method Detail

      • isAuthorized

        public boolean isAuthorized​(WebContext context,
                            List<UserProfile> profiles)
        Description copied from interface: Authorizer
        Checks if the user profiles and / or the current web context are authorized.
        Specified by:
        isAuthorized in interface Authorizer<UserProfile>
        Parameters:
        context - the web context
        profiles - the user profiles
        Returns:
        if the access is authorized

      • setCsrfTokenGenerator

        public void setCsrfTokenGenerator​(CsrfTokenGenerator csrfTokenGenerator)

      • getDomain

        public String getDomain()

      • setDomain

        public void setDomain​(String domain)

      • getPath

        public String getPath()

      • setPath

        public void setPath​(String path)

      • getHttpOnly

        public Boolean getHttpOnly()

      • setHttpOnly

        public void setHttpOnly​(Boolean httpOnly)

      • getSecure

        public Boolean getSecure()

      • setSecure

        public void setSecure​(Boolean secure)

      • getMaxAge

        public Integer getMaxAge()

      • setMaxAge

        public void setMaxAge​(Integer maxAge)