java.lang.Object
- org.springframework.security.web.server.csrf.ServerCsrfTokenRequestAttributeHandler

All Implemented Interfaces:

ServerCsrfTokenRequestHandler, ServerCsrfTokenRequestResolver

Direct Known Subclasses:

XorServerCsrfTokenRequestAttributeHandler
```
public class ServerCsrfTokenRequestAttributeHandler
extends java.lang.Object
implements ServerCsrfTokenRequestHandler
```
An implementation of the ServerCsrfTokenRequestHandler interface that is capable of making the CsrfToken available as an exchange attribute and resolving the token value as either a form data value or header of the request.

Since:

5.8

Constructor Summary

Constructors
Constructor Description

ServerCsrfTokenRequestAttributeHandler()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`handle(org.springframework.web.server.ServerWebExchange exchange, reactor.core.publisher.Mono<CsrfToken> csrfToken)`	Handles a request using a `CsrfToken`.
`reactor.core.publisher.Mono<java.lang.String>`	`resolveCsrfTokenValue(org.springframework.web.server.ServerWebExchange exchange, CsrfToken csrfToken)`	Returns the token value resolved from the provided `ServerWebExchange` and `CsrfToken` or `Mono.empty()` if not available.
`void`	`setTokenFromMultipartDataEnabled(boolean tokenFromMultipartDataEnabled)`	Specifies if the `ServerCsrfTokenRequestResolver` should try to resolve the actual CSRF token from the body of multipart data requests.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ServerCsrfTokenRequestAttributeHandler
```
public ServerCsrfTokenRequestAttributeHandler()
```
- Method Detail
  - handle
```
public void handle(org.springframework.web.server.ServerWebExchange exchange,
                   reactor.core.publisher.Mono<CsrfToken> csrfToken)
```
    Description copied from interface: ServerCsrfTokenRequestHandler
    
    Handles a request using a CsrfToken.
    
    Specified by:
    
    handle in interface ServerCsrfTokenRequestHandler
    
    Parameters:
    
    exchange - the ServerWebExchange with the request being handled
    
    csrfToken - the Mono<CsrfToken> created by the ServerCsrfTokenRepository
  - resolveCsrfTokenValue
```
public reactor.core.publisher.Mono<java.lang.String> resolveCsrfTokenValue(org.springframework.web.server.ServerWebExchange exchange,
                                                                           CsrfToken csrfToken)
```
    Description copied from interface: ServerCsrfTokenRequestResolver
    
    Returns the token value resolved from the provided ServerWebExchange and CsrfToken or Mono.empty() if not available.
    
    Specified by:
    
    resolveCsrfTokenValue in interface ServerCsrfTokenRequestHandler
    
    Specified by:
    
    resolveCsrfTokenValue in interface ServerCsrfTokenRequestResolver
    
    Parameters:
    
    exchange - the ServerWebExchange with the request being processed
    
    csrfToken - the CsrfToken created by the ServerCsrfTokenRepository
    
    Returns:
    
    the token value resolved from the request
  - setTokenFromMultipartDataEnabled
```
public void setTokenFromMultipartDataEnabled(boolean tokenFromMultipartDataEnabled)
```
    Specifies if the ServerCsrfTokenRequestResolver should try to resolve the actual CSRF token from the body of multipart data requests.
    
    Parameters:
    
    tokenFromMultipartDataEnabled - true if should read from multipart form body, else false. Default is false

Class ServerCsrfTokenRequestAttributeHandler

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

ServerCsrfTokenRequestAttributeHandler

Method Detail

handle

resolveCsrfTokenValue

setTokenFromMultipartDataEnabled