XsrfTokenGenerator (Atlassian JIRA

All Known Implementing Classes:

BootstrapXsrfTokenGenerator, SimpleXsrfTokenGenerator
```
public interface XsrfTokenGenerator
```
Interface for generating anti-XSRF tokens for web forms.
The default implementation (available viw dependency injection) should be good enough for anyone, but this interface is provided just in case anyone wants to implement their own token generation strategy.

Since:

v4.1

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`TOKEN_HTTP_SESSION_KEY` The name of the XSRF token put ino the HTTP session
`static String`	`TOKEN_WEB_PARAMETER_KEY` The name of the XSRF token parameter sent in on a web request

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`boolean`	`generatedByAuthenticatedUser(String token)` This returns true of the token was generated by an authenticated user
`String`	`generateToken()` Gets the token from the current request, generating a new one if none is found
`String`	`generateToken(boolean create)` Gets the token from the current request, optionally generating a new one if none is found
`String`	`generateToken(javax.servlet.http.HttpServletRequest request)` Gets the token from the current request, generating a new one if none is found
`String`	`generateToken(javax.servlet.http.HttpServletRequest request, boolean create)` Gets the token from the current request, optionally generating a new one if none is found
`String`	`getToken(javax.servlet.http.HttpServletRequest request)` Gets the token from the current request, generating a new one if none is found
`String`	`getXsrfTokenName()` Convenience method which will return the name to be used for a supplied XsrfToken in a request.
`boolean`	`validateToken(javax.servlet.http.HttpServletRequest request, String token)` Validate a form token received as part of a web request

- Field Detail
  - TOKEN_HTTP_SESSION_KEY
```
static final String TOKEN_HTTP_SESSION_KEY
```
    The name of the XSRF token put ino the HTTP session
    
    See Also:
    
    Constant Field Values
  - TOKEN_WEB_PARAMETER_KEY
```
static final String TOKEN_WEB_PARAMETER_KEY
```
    The name of the XSRF token parameter sent in on a web request
    
    See Also:
    
    Constant Field Values
- Method Detail
  - generateToken
```
String generateToken()
```
    Gets the token from the current request, generating a new one if none is found
    
    Returns:
    
    a valid XSRF form token
  - generateToken
```
String generateToken(boolean create)
```
    Gets the token from the current request, optionally generating a new one if none is found
    
    Parameters:
    
    create - true to create token if none is found
    
    Returns:
    
    a valid XSRF form token
  - generateToken
```
String generateToken(javax.servlet.http.HttpServletRequest request)
```
    Gets the token from the current request, generating a new one if none is found
    
    Parameters:
    
    request - the request the token is being generated for
    
    Returns:
    
    a valid XSRF form token
  - generateToken
```
String generateToken(javax.servlet.http.HttpServletRequest request,
                     boolean create)
```
    Gets the token from the current request, optionally generating a new one if none is found
    
    Parameters:
    
    request - the request the token is being generated for
    
    create - true to create token if none is found
    
    Returns:
    
    a valid XSRF form token
  - getToken
```
String getToken(javax.servlet.http.HttpServletRequest request)
```
    Gets the token from the current request, generating a new one if none is found
    
    Parameters:
    
    request - request that contains the form token.
    
    Returns:
    
    the token stored in the cookie of this request.
  - getXsrfTokenName
```
String getXsrfTokenName()
```
    Convenience method which will return the name to be used for a supplied XsrfToken in a request.
    
    Returns:
    
    the name in the request for the Xsrf token.
  - validateToken
```
boolean validateToken(javax.servlet.http.HttpServletRequest request,
                      String token)
```
    Validate a form token received as part of a web request
    
    Parameters:
    
    request - the request the token was received in
    
    token - the token
    
    Returns:
    
    true iff the token is valid
  - generatedByAuthenticatedUser
```
boolean generatedByAuthenticatedUser(String token)
```
    This returns true of the token was generated by an authenticated user
    
    Parameters:
    
    token - the XSRF token in question
    
    Returns:
    
    true if the token was generated by an authenticated user.

Interface XsrfTokenGenerator

Field Summary

Method Summary

Field Detail

TOKEN_HTTP_SESSION_KEY

TOKEN_WEB_PARAMETER_KEY

Method Detail

generateToken

generateToken

generateToken

generateToken

getToken

getXsrfTokenName

validateToken

generatedByAuthenticatedUser