Class BaseCSRFTokenPredicate

java.lang.Object
net.shibboleth.idp.ui.csrf.BaseCSRFTokenPredicate
Direct Known Subclasses:
DefaultEventRequiresCSRFTokenValidationPredicate, DefaultViewRequiresCSRFTokenPredicate

public abstract class BaseCSRFTokenPredicate
extends Object
A base helper class for predicates that determine if CSRF protection is required per state.
  • Field Details

    • CSRF_EXCLUDED_ATTRIBUTE_NAME

      @Nonnull @NotEmpty public static final String CSRF_EXCLUDED_ATTRIBUTE_NAME
      Name of the metadata attribute that, if true, excludes a view from CSRF protection.
      See Also:
      Constant Field Values
  • Constructor Details

    • BaseCSRFTokenPredicate

      public BaseCSRFTokenPredicate()
  • Method Details

    • safeGetBooleanStateAttribute

      @Nonnull protected boolean safeGetBooleanStateAttribute​(@Nullable StateDefinition state, @Nullable String attributeName, @Nonnull boolean defaultValue)
      Safe get the boolean value of the attribute from the attributes annotating the StateDefinition. Returns the defaultValue if either:
      • the state is null.
      • attributeName is null or no value is found.
      • the value is found but is not a Boolean.
      Parameters:
      state - the state definition to find the attribute from.
      attributeName - the name of the attribute to find.
      defaultValue - a default value.
      Returns:
      the boolean value of the attribute on the state definition.