public final class LazyCsrfTokenRepository extends java.lang.Object implements CsrfTokenRepository
CsrfTokenRepository
that delays saving new CsrfToken
until the
attributes of the CsrfToken
that were generated are accessed.Constructor and Description |
---|
LazyCsrfTokenRepository(CsrfTokenRepository delegate)
Creates a new instance
|
Modifier and Type | Method and Description |
---|---|
CsrfToken |
generateToken(javax.servlet.http.HttpServletRequest request)
Generates a new token
|
CsrfToken |
loadToken(javax.servlet.http.HttpServletRequest request)
Delegates to the injected
CsrfTokenRepository |
void |
saveToken(CsrfToken token,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Does nothing if the
CsrfToken is not null. |
public LazyCsrfTokenRepository(CsrfTokenRepository delegate)
delegate
- the CsrfTokenRepository
to use. Cannot be nulljava.lang.IllegalArgumentException
- if delegate is null.public CsrfToken generateToken(javax.servlet.http.HttpServletRequest request)
generateToken
in interface CsrfTokenRepository
request
- the HttpServletRequest
to use. The
HttpServletRequest
must have the HttpServletResponse
as an
attribute with the name of HttpServletResponse.class.getName()
CsrfToken
that was generated. Cannot be null.public void saveToken(CsrfToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
CsrfToken
is not null. Saving is done only when the
CsrfToken.getToken()
is accessed from
generateToken(HttpServletRequest)
. If it is null, then the save is
performed immediately.saveToken
in interface CsrfTokenRepository
token
- the CsrfToken
to save or null to deleterequest
- the HttpServletRequest
to useresponse
- the HttpServletResponse
to usepublic CsrfToken loadToken(javax.servlet.http.HttpServletRequest request)
CsrfTokenRepository
loadToken
in interface CsrfTokenRepository
request
- the HttpServletRequest
to useCsrfToken
or null if none exists