View Javadoc
1   package com.atlassian.sal.api.xsrf;
2   
3   import javax.servlet.http.HttpServletRequest;
4   import javax.servlet.http.HttpServletResponse;
5   
6   /**
7    * Gives access to the applications XSRF tokens
8    *
9    * @since 2.4
10   */
11  public interface XsrfTokenAccessor {
12      /**
13       * Get the persistent token for the given request, that is, the token stored in the users session or in a cookie,
14       * not the token submitted as part of a form.
15       *
16       * @param request  The request to get the token from
17       * @param response The response to add the cookie to if necessary, can be null, if create is false.
18       * @param create   Whether a new token should be created if there is none in the request.  The new token should be
19       *                 persistent across subsequent requests, ie, added to the users session or a cookie.
20       * @return The token for the request, or null if no token was found and create was false
21       */
22      String getXsrfToken(HttpServletRequest request, HttpServletResponse response, boolean create);
23  }