Package net.shibboleth.idp.ui.csrf

Interface CSRFToken

All Superinterfaces:
Serializable
All Known Implementing Classes:
SimpleCSRFToken
public interface CSRFToken
extends Serializable
An anti cross-site request forgery token.

  • Method Summary

    Modifier and Type Method Description
    String getParameterName()
    The name to be used in HTML form input elements to store the CSRF token value.
    String getToken()
    The anti-CSRF token value.

  • Method Details

    • getParameterName

      @Nonnull String getParameterName()
      The name to be used in HTML form input elements to store the CSRF token value. Expected to be present as a parameter in a HTTP request.
      Returns:
      the HTTP parameter name that contains the value of the token.

    • getToken

      @Nonnull String getToken()
      The anti-CSRF token value. The token should be cryptographically strong.
      Returns:
      the anti-CSRF token.