java.lang.Object
- org.pac4j.core.authorization.authorizer.CsrfAuthorizer

All Implemented Interfaces:

Authorizer
```
public class CsrfAuthorizer
extends java.lang.Object
implements Authorizer
```
Authorizer that checks CSRF tokens.

Since:

1.8.0

Author:

Jerome Leleu

Constructor Summary

Constructors
Constructor	Description
`CsrfAuthorizer()`
`CsrfAuthorizer(java.lang.String parameterName, java.lang.String headerName)`
`CsrfAuthorizer(java.lang.String parameterName, java.lang.String headerName, boolean checkAllRequests)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`java.lang.String`	`getHeaderName()`
`java.lang.String`	`getParameterName()`
`protected boolean`	`hashEquals(java.lang.String a, java.lang.String b)`
`boolean`	`isAuthorized(WebContext context, SessionStore sessionStore, java.util.List<UserProfile> profiles)`	Checks if the user profiles and / or the current web context are authorized.
`boolean`	`isCheckAllRequests()`
`void`	`setCheckAllRequests(boolean checkAllRequests)`
`void`	`setHeaderName(java.lang.String headerName)`
`void`	`setParameterName(java.lang.String parameterName)`
`java.lang.String`	`toString()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

CsrfAuthorizer
```
public CsrfAuthorizer()
```

CsrfAuthorizer

public CsrfAuthorizer(java.lang.String parameterName,
                      java.lang.String headerName)

CsrfAuthorizer

public CsrfAuthorizer(java.lang.String parameterName,
                      java.lang.String headerName,
                      boolean checkAllRequests)

Method Detail

isAuthorized
```
public boolean isAuthorized(WebContext context,
                            SessionStore sessionStore,
                            java.util.List<UserProfile> profiles)
```
Description copied from interface: Authorizer

Checks if the user profiles and / or the current web context are authorized.

Specified by:

isAuthorized in interface Authorizer

Parameters:

context - the web context

sessionStore - the session store

profiles - the user profiles

Returns:

if the access is authorized

hashEquals

protected boolean hashEquals(java.lang.String a,
                             java.lang.String b)

getParameterName

public java.lang.String getParameterName()

setParameterName

public void setParameterName(java.lang.String parameterName)

getHeaderName

public java.lang.String getHeaderName()

setHeaderName

public void setHeaderName(java.lang.String headerName)

isCheckAllRequests
```
public boolean isCheckAllRequests()
```

setCheckAllRequests

public void setCheckAllRequests(boolean checkAllRequests)

toString
```
public java.lang.String toString()
```
Overrides:

toString in class java.lang.Object

Class CsrfAuthorizer

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CsrfAuthorizer

CsrfAuthorizer

CsrfAuthorizer

Method Detail

isAuthorized

hashEquals

getParameterName

setParameterName

getHeaderName

setHeaderName

isCheckAllRequests

setCheckAllRequests

toString