CSRFTokenScriptService (XWiki Platform

java.lang.Object
- org.xwiki.csrf.script.CSRFTokenScriptService

All Implemented Interfaces:: CSRFToken, org.xwiki.script.service.ScriptService

@Component(roles=org.xwiki.script.service.ScriptService.class)
 @Named(value="csrf")
 @Singleton
public class CSRFTokenScriptService
extends Object
implements CSRFToken, org.xwiki.script.service.ScriptService

Script service wrapping a CSRFToken component.

Since:: 2.5M2
Version:: $Id: 30f3f2c6fc37b73ba3edc8f28aebfafca2879198 $

Constructor Summary

Constructors
Constructor and Description

CSRFTokenScriptService()

Constructors
Constructor and Description
`CSRFTokenScriptService()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`clearToken()` Removes the anti-CSRF token associated with the current user.
`String`	`getResubmissionURL()` Get the URL where a failed request should be redirected to.
`String`	`getToken()` Returns the anti-CSRF token associated with the current user.
`boolean`	`isTokenValid(String token)` Check if the given `token` matches the internally stored token associated with the current user.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CSRFTokenScriptService
```
public CSRFTokenScriptService()
```
- Method Detail
  - getToken
```
public String getToken()
```
    Description copied from interface: CSRFToken
    
    Returns the anti-CSRF token associated with the current user. Creates a fresh token on first call.
    
    Specified by:
    
    getToken in interface CSRFToken
    
    Returns:
    
    the secret token
    
    See Also:
    
    CSRFToken.isTokenValid(String)
  - clearToken
```
public void clearToken()
```
    Description copied from interface: CSRFToken
    
    Removes the anti-CSRF token associated with the current user. Current token is invalidated immediately, a subsequent call of CSRFToken.getToken() will generate a fresh token.
    
    Specified by:
    
    clearToken in interface CSRFToken
  - isTokenValid
```
public boolean isTokenValid(String token)
```
    Description copied from interface: CSRFToken
    
    Check if the given token matches the internally stored token associated with the current user.
    
    Specified by:
    
    isTokenValid in interface CSRFToken
    
    Parameters:
    
    token - random token from the request
    
    Returns:
    
    true if the component is disabled or the given token is correct, false otherwise
  - getResubmissionURL
```
public String getResubmissionURL()
```
    Description copied from interface: CSRFToken
    
    Get the URL where a failed request should be redirected to.
    
    Specified by:
    
    getResubmissionURL in interface CSRFToken
    
    Returns:
    
    URL of the resubmission page with correct parameters

Class CSRFTokenScriptService

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CSRFTokenScriptService

Method Detail

getToken

clearToken

isTokenValid

getResubmissionURL