1 package com.atlassian.sal.core.xsrf;
2
3 import com.atlassian.sal.api.xsrf.XsrfHeaderValidator;
4 import com.atlassian.sal.api.xsrf.XsrfRequestValidator;
5 import com.atlassian.sal.api.xsrf.XsrfTokenValidator;
6
7 import javax.servlet.http.HttpServletRequest;
8
9
10
11
12
13
14
15 public class XsrfRequestValidatorImpl implements XsrfRequestValidator
16 {
17 private static final XsrfHeaderValidator headerValidator =
18 new XsrfHeaderValidator();
19 private final XsrfTokenValidator tokenValidator;
20
21 public XsrfRequestValidatorImpl(XsrfTokenValidator tokenValidator)
22 {
23 this.tokenValidator = tokenValidator;
24 }
25
26
27
28
29
30
31
32
33 public boolean validateRequestPassesXsrfChecks(HttpServletRequest request)
34 {
35 return headerValidator.requestHasValidXsrfHeader(request) ||
36 tokenValidator.validateFormEncodedToken(request);
37 }
38 }