Package com.atlassian.jira.security.xsrf

Class BootstrapXsrfTokenGenerator

java.lang.Object
com.atlassian.jira.security.xsrf.BootstrapXsrfTokenGenerator
All Implemented Interfaces:
XsrfTokenGenerator
public class BootstrapXsrfTokenGenerator extends Object implements XsrfTokenGenerator
A no-op XsrfTokenGenerator that is added to the Bootstrap container because it is required in Servlet Filters.
Since:
v6.4.5

  • Constructor Details

    • BootstrapXsrfTokenGenerator

      public BootstrapXsrfTokenGenerator()

  • Method Details

    • generateToken

      public String generateToken()
      Description copied from interface: XsrfTokenGenerator
      Gets the token from the current request, generating a new one if none is found
      Specified by:
      generateToken in interface XsrfTokenGenerator
      Returns:
      a valid XSRF form token

    • generateToken

      public String generateToken(boolean create)
      Description copied from interface: XsrfTokenGenerator
      Gets the token from the current request, optionally generating a new one if none is found
      Specified by:
      generateToken in interface XsrfTokenGenerator
      Parameters:
      create - true to create token if none is found
      Returns:
      a valid XSRF form token

    • generateToken

      public String generateToken(javax.servlet.http.HttpServletRequest request)
      Description copied from interface: XsrfTokenGenerator
      Gets the token from the current request, generating a new one if none is found
      Specified by:
      generateToken in interface XsrfTokenGenerator
      Parameters:
      request - the request the token is being generated for
      Returns:
      a valid XSRF form token

    • generateToken

      public String generateToken(javax.servlet.http.HttpServletRequest request, boolean create)
      Description copied from interface: XsrfTokenGenerator
      Gets the token from the current request, optionally generating a new one if none is found
      Specified by:
      generateToken in interface XsrfTokenGenerator
      Parameters:
      request - the request the token is being generated for
      create - true to create token if none is found
      Returns:
      a valid XSRF form token

    • getToken

      public String getToken(javax.servlet.http.HttpServletRequest request)
      Description copied from interface: XsrfTokenGenerator
      Gets the token from the current request, generating a new one if none is found
      Specified by:
      getToken in interface XsrfTokenGenerator
      Parameters:
      request - request that contains the form token.
      Returns:
      the token stored in the cookie of this request.

    • getXsrfTokenName

      public String getXsrfTokenName()
      Description copied from interface: XsrfTokenGenerator
      Convenience method which will return the name to be used for a supplied XsrfToken in a request.
      Specified by:
      getXsrfTokenName in interface XsrfTokenGenerator
      Returns:
      the name in the request for the Xsrf token.

    • validateToken

      public boolean validateToken(javax.servlet.http.HttpServletRequest request, String token)
      Description copied from interface: XsrfTokenGenerator
      Validate a form token received as part of a web request
      Specified by:
      validateToken in interface XsrfTokenGenerator
      Parameters:
      request - the request the token was received in
      token - the token
      Returns:
      true iff the token is valid

    • generatedByAuthenticatedUser

      public boolean generatedByAuthenticatedUser(String token)
      Description copied from interface: XsrfTokenGenerator
      This returns true of the token was generated by an authenticated user
      Specified by:
      generatedByAuthenticatedUser in interface XsrfTokenGenerator
      Parameters:
      token - the XSRF token in question
      Returns:
      true if the token was generated by an authenticated user.