public final class LazyCsrfTokenRepository extends java.lang.Object implements CsrfTokenRepository
CsrfTokenRepository that delays saving new CsrfToken until the
attributes of the CsrfToken that were generated are accessed.| Constructor and Description |
|---|
LazyCsrfTokenRepository(CsrfTokenRepository delegate)
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
CsrfToken |
generateToken(javax.servlet.http.HttpServletRequest request)
Generates a new token
|
CsrfToken |
loadToken(javax.servlet.http.HttpServletRequest request)
Delegates to the injected
CsrfTokenRepository |
void |
saveToken(CsrfToken token,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Does nothing if the
CsrfToken is not null. |
public LazyCsrfTokenRepository(CsrfTokenRepository delegate)
delegate - the CsrfTokenRepository to use. Cannot be nulljava.lang.IllegalArgumentException - if delegate is null.public CsrfToken generateToken(javax.servlet.http.HttpServletRequest request)
generateToken in interface CsrfTokenRepositoryrequest - the HttpServletRequest to use. The
HttpServletRequest must have the HttpServletResponse as an
attribute with the name of HttpServletResponse.class.getName()CsrfToken that was generated. Cannot be null.public void saveToken(CsrfToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
CsrfToken is not null. Saving is done only when the
CsrfToken.getToken() iis accessed from
generateToken(HttpServletRequest). If it is null, then the save is
performed immediately.saveToken in interface CsrfTokenRepositorytoken - the CsrfToken to save or null to deleterequest - the HttpServletRequest to useresponse - the HttpServletResponse to usepublic CsrfToken loadToken(javax.servlet.http.HttpServletRequest request)
CsrfTokenRepositoryloadToken in interface CsrfTokenRepositoryrequest - the HttpServletRequest to useCsrfToken or null if none exists