View Javadoc

1   package com.atlassian.sal.core.csrf;
2   
3   import com.atlassian.sal.api.xsrf.XsrfHeaderValidator;
4   import com.atlassian.sal.api.xsrf.XsrfRequestValidator;
5   import com.atlassian.sal.api.xsrf.XsrfTokenValidator;
6   import com.atlassian.sal.core.xsrf.XsrfRequestValidatorImpl;
7   
8   import javax.servlet.http.HttpServletRequest;
9   
10  /**
11   * Provides an implementation of checking if a request
12   * contains either a valid csrf token or a
13   * valid csrf header {@link XsrfHeaderValidator#TOKEN_HEADER}.
14   * @since v2.10.13
15   * @deprecated since v2.10.18 use {@link XsrfRequestValidator} instead.
16   */
17  public class CsrfRequestValidator implements XsrfRequestValidator
18  {
19      private final XsrfRequestValidator xsrfRequestValidator;
20  
21      public CsrfRequestValidator(XsrfTokenValidator tokenValidator)
22      {
23          xsrfRequestValidator = new XsrfRequestValidatorImpl(tokenValidator);
24      }
25  
26      /**
27       * Returns true iff the given request has a valid csrf token or a
28       * valid csrf header.
29       * @param request the request to check.
30       * @return true iff the given request has a valid csrf token or a
31       * valid csrf header.
32       */
33      public boolean validateRequestPassesXsrfChecks(HttpServletRequest request)
34      {
35          return xsrfRequestValidator.validateRequestPassesXsrfChecks(request);
36      }
37  }