public final class CSRFTokenValidator
extends java.lang.Object
Modifier and Type | Method and Description |
---|---|
static java.lang.String |
getToken(javax.servlet.http.HttpSession session)
Return the CSRF token from the given session, create a new token if
there is currently none associated with this session.
|
static void |
validate(javax.servlet.http.HttpServletRequest request)
Validate a given request within its own session, throws a runtime
exception leading to internal server error in case of failure.
|
public static java.lang.String getToken(javax.servlet.http.HttpSession session)
session
- HttpSession to retrieve the token frompublic static void validate(javax.servlet.http.HttpServletRequest request) throws CSRFTokenException
request
- HTTPServletRequest to validate the token forCSRFTokenException
- In case the validation failed