Class CsrfAuthorizer
java.lang.Object
org.pac4j.core.authorization.authorizer.CsrfAuthorizer
- All Implemented Interfaces:
Authorizer
Authorizer that checks CSRF tokens.
- Since:
- 1.8.0
- Author:
- Jerome Leleu
-
Constructor Summary
ConstructorDescriptionConstructor for CsrfAuthorizer.CsrfAuthorizer
(String parameterName, String headerName) Constructor for CsrfAuthorizer.CsrfAuthorizer
(String parameterName, String headerName, boolean checkAllRequests) Constructor for CsrfAuthorizer. -
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
hashEquals
(String a, String b) hashEquals.boolean
isAuthorized
(WebContext context, SessionStore sessionStore, List<UserProfile> profiles) Checks if the user profiles and / or the current web context are authorized.
-
Constructor Details
-
CsrfAuthorizer
public CsrfAuthorizer()Constructor for CsrfAuthorizer.
-
CsrfAuthorizer
Constructor for CsrfAuthorizer.
-
CsrfAuthorizer
Constructor for CsrfAuthorizer.
-
-
Method Details
-
isAuthorized
public boolean isAuthorized(WebContext context, SessionStore sessionStore, List<UserProfile> profiles) Checks if the user profiles and / or the current web context are authorized.- Specified by:
isAuthorized
in interfaceAuthorizer
- Parameters:
context
- the web contextsessionStore
- the session storeprofiles
- the user profiles- Returns:
- if the access is authorized
-
hashEquals
hashEquals.
-