CsrfAuthorizer (pac4j core 2.3.1 API)

java.lang.Object
- org.pac4j.core.authorization.authorizer.csrf.CsrfAuthorizer

All Implemented Interfaces:

Authorizer<CommonProfile>
```
public class CsrfAuthorizer
extends java.lang.Object
implements Authorizer<CommonProfile>
```
Authorizer that checks CSRF tokens.

Since:

1.8.0

Author:

Jerome Leleu

Constructor Summary

Constructors
Constructor and Description
`CsrfAuthorizer()`
`CsrfAuthorizer(java.lang.String parameterName, java.lang.String headerName)`
`CsrfAuthorizer(java.lang.String parameterName, java.lang.String headerName, boolean onlyCheckPostRequest)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`java.lang.String`	`getHeaderName()`
`java.lang.String`	`getParameterName()`
`boolean`	`isAuthorized(WebContext context, java.util.List<CommonProfile> profiles)` Checks if the user profiles and / or the current web context are authorized.
`boolean`	`isOnlyCheckPostRequest()`
`void`	`setHeaderName(java.lang.String headerName)`
`void`	`setOnlyCheckPostRequest(boolean onlyCheckPostRequest)`
`void`	`setParameterName(java.lang.String parameterName)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CsrfAuthorizer
```
public CsrfAuthorizer()
```

CsrfAuthorizer

public CsrfAuthorizer(java.lang.String parameterName,
                      java.lang.String headerName)

CsrfAuthorizer

public CsrfAuthorizer(java.lang.String parameterName,
                      java.lang.String headerName,
                      boolean onlyCheckPostRequest)

Method Detail

isAuthorized
```
public boolean isAuthorized(WebContext context,
                            java.util.List<CommonProfile> profiles)
                     throws HttpAction
```
Description copied from interface: Authorizer

Checks if the user profiles and / or the current web context are authorized.

Specified by:

isAuthorized in interface Authorizer<CommonProfile>

Parameters:

context - the web context

profiles - the user profiles

Returns:

if the access is authorized

Throws:

HttpAction - whether an additional HTTP action is required

getParameterName

public java.lang.String getParameterName()

setParameterName

public void setParameterName(java.lang.String parameterName)

getHeaderName

public java.lang.String getHeaderName()

setHeaderName

public void setHeaderName(java.lang.String headerName)

isOnlyCheckPostRequest

public boolean isOnlyCheckPostRequest()

setOnlyCheckPostRequest

public void setOnlyCheckPostRequest(boolean onlyCheckPostRequest)

Class CsrfAuthorizer

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CsrfAuthorizer

CsrfAuthorizer

CsrfAuthorizer

Method Detail

isAuthorized

getParameterName

setParameterName

getHeaderName

setHeaderName

isOnlyCheckPostRequest

setOnlyCheckPostRequest