Class SimpleCSRFToken

All Implemented Interfaces:
Serializable, CSRFToken

@Immutable public class SimpleCSRFToken extends Object implements CSRFToken
A default, immutable, implementation of a CSRFToken.
See Also:
  • Field Details

    • serialVersionUID

      private static final long serialVersionUID
      Serial UID.
      See Also:
    • token

      @Nonnull @NotEmpty private String token
      The anti-csrf token value.
    • parameterName

      @Nonnull @NotEmpty private String parameterName
      The HTTP parameter that holds the token value.
  • Constructor Details

    • SimpleCSRFToken

      public SimpleCSRFToken(@Nonnull @NotEmpty String csrfToken, @Nonnull @NotEmpty String paramName)
      csrfToken - the anti-csrf token value
      paramName - the HTTP parameter name that holds the anti-csrf token.
  • Method Details

    • getParameterName

      public String getParameterName()
      The name to be used in HTML form input elements to store the CSRF token value. Expected to be present as a parameter in a HTTP request.
      Specified by:
      getParameterName in interface CSRFToken
      the HTTP parameter name that contains the value of the token.
    • getToken

      public String getToken()
      The anti-CSRF token value. The token should be cryptographically strong.
      Specified by:
      getToken in interface CSRFToken
      the anti-CSRF token.