Class DoubleSubmitCSRF
- java.lang.Object
-
- org.rootservices.otter.security.csrf.DoubleSubmitCSRF
-
public class DoubleSubmitCSRF extends java.lang.Object
-
-
Field Summary
Fields
Modifier and Type | Field | Description
static java.lang.String | CSRF_FAILED |
protected static org.slf4j.Logger | LOGGER |
static java.lang.String | SIGNATURE_INVALID |
-
Constructor Summary
Constructors
Constructor | Description
DoubleSubmitCSRF(org.rootservices.jwt.config.JwtAppFactory jwtAppFactory, RandomString randomString) |
DoubleSubmitCSRF(org.rootservices.jwt.config.JwtAppFactory jwtAppFactory, RandomString randomString, org.rootservices.jwt.entity.jwk.SymmetricKey preferredSignKey, java.util.Map<java.lang.String,org.rootservices.jwt.entity.jwk.SymmetricKey> rotationSignKeys) |
-
Method Summary
Modifier and Type | Method | Description
org.rootservices.jwt.entity.jwt.JsonWebToken | csrfToJwt(java.lang.String encodedCsrfCookieValue) |
java.lang.Boolean | doTokensMatch(java.lang.String cookieValue, java.lang.String formValue) |
protected org.rootservices.jwt.entity.jwk.SymmetricKey | getSignKey(java.lang.String keyId) |
java.lang.String | makeChallengeToken() |
Cookie | makeCsrfCookie(java.lang.String name, ChallengeToken challengeToken, java.lang.Boolean secure, int maxAge, java.lang.Boolean isHttpOnly) |
void | setPreferredSignKey(org.rootservices.jwt.entity.jwk.SymmetricKey preferredSignKey) |
void | setRotationSignKeys(java.util.Map<java.lang.String,org.rootservices.jwt.entity.jwk.SymmetricKey> rotationSignKeys) |
protected CsrfClaims | toClaims(java.lang.String value) |
java.io.ByteArrayOutputStream | toJwt(ChallengeToken challengeToken) |
protected java.lang.Boolean | verifyCsrfCookieSignature(org.rootservices.jwt.entity.jwt.JsonWebToken csrfJwt, org.rootservices.jwt.entity.jwk.SymmetricKey signKey) |
-
-
-
Field Detail
-
SIGNATURE_INVALID
public static final java.lang.String SIGNATURE_INVALID
- See Also:
- Constant Field Values
-
CSRF_FAILED
public static final java.lang.String CSRF_FAILED
- See Also:
- Constant Field Values
-
LOGGER
protected static org.slf4j.Logger LOGGER
-
-
Constructor Detail
-
DoubleSubmitCSRF
public DoubleSubmitCSRF(org.rootservices.jwt.config.JwtAppFactory jwtAppFactory, RandomString randomString)
-
DoubleSubmitCSRF
public DoubleSubmitCSRF(org.rootservices.jwt.config.JwtAppFactory jwtAppFactory, RandomString randomString, org.rootservices.jwt.entity.jwk.SymmetricKey preferredSignKey, java.util.Map<java.lang.String,org.rootservices.jwt.entity.jwk.SymmetricKey> rotationSignKeys)
-
-
Method Detail
-
doTokensMatch
public java.lang.Boolean doTokensMatch(java.lang.String cookieValue, java.lang.String formValue)
-
toClaims
protected CsrfClaims toClaims(java.lang.String value) throws CsrfException
- Throws:
CsrfException
-
csrfToJwt
public org.rootservices.jwt.entity.jwt.JsonWebToken csrfToJwt(java.lang.String encodedCsrfCookieValue) throws CsrfException
- Throws:
CsrfException
-
getSignKey
protected org.rootservices.jwt.entity.jwk.SymmetricKey getSignKey(java.lang.String keyId)
-
verifyCsrfCookieSignature
protected java.lang.Boolean verifyCsrfCookieSignature(org.rootservices.jwt.entity.jwt.JsonWebToken csrfJwt, org.rootservices.jwt.entity.jwk.SymmetricKey signKey) throws CsrfException
- Throws:
CsrfException
-
makeChallengeToken
public java.lang.String makeChallengeToken()
-
makeCsrfCookie
public Cookie makeCsrfCookie(java.lang.String name, ChallengeToken challengeToken, java.lang.Boolean secure, int maxAge, java.lang.Boolean isHttpOnly) throws CsrfException
- Throws:
CsrfException
-
toJwt
public java.io.ByteArrayOutputStream toJwt(ChallengeToken challengeToken) throws CsrfException
- Throws:
CsrfException
-
setPreferredSignKey
public void setPreferredSignKey(org.rootservices.jwt.entity.jwk.SymmetricKey preferredSignKey)
-
setRotationSignKeys
public void setRotationSignKeys(java.util.Map<java.lang.String,org.rootservices.jwt.entity.jwk.SymmetricKey> rotationSignKeys)
-
-