Class WebSessionServerCsrfTokenRepository
java.lang.Object
org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
- All Implemented Interfaces:
ServerCsrfTokenRepository
public class WebSessionServerCsrfTokenRepository
extends Object
implements ServerCsrfTokenRepository
- Since:
- 5.0
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<CsrfToken>
generateToken
(org.springframework.web.server.ServerWebExchange exchange) Generates aCsrfToken
reactor.core.publisher.Mono<CsrfToken>
loadToken
(org.springframework.web.server.ServerWebExchange exchange) Loads the expectedCsrfToken
from theServerWebExchange
reactor.core.publisher.Mono<Void>
Saves theCsrfToken
using theServerWebExchange
.void
setHeaderName
(String headerName) void
setParameterName
(String parameterName) Sets theHttpServletRequest
parameter name that theCsrfToken
is expected to appear onvoid
setSessionAttributeName
(String sessionAttributeName) Sets theHttpSession
attribute name that theCsrfToken
is stored in
-
Constructor Details
-
WebSessionServerCsrfTokenRepository
public WebSessionServerCsrfTokenRepository()
-
-
Method Details
-
generateToken
public reactor.core.publisher.Mono<CsrfToken> generateToken(org.springframework.web.server.ServerWebExchange exchange) Description copied from interface:ServerCsrfTokenRepository
Generates aCsrfToken
- Specified by:
generateToken
in interfaceServerCsrfTokenRepository
- Parameters:
exchange
- theServerWebExchange
to use- Returns:
- the
CsrfToken
that was generated. Cannot be null.
-
saveToken
public reactor.core.publisher.Mono<Void> saveToken(org.springframework.web.server.ServerWebExchange exchange, CsrfToken token) Description copied from interface:ServerCsrfTokenRepository
Saves theCsrfToken
using theServerWebExchange
. If theCsrfToken
is null, it is the same as deleting it.- Specified by:
saveToken
in interfaceServerCsrfTokenRepository
- Parameters:
exchange
- theServerWebExchange
to usetoken
- theCsrfToken
to save or null to delete
-
loadToken
public reactor.core.publisher.Mono<CsrfToken> loadToken(org.springframework.web.server.ServerWebExchange exchange) Description copied from interface:ServerCsrfTokenRepository
Loads the expectedCsrfToken
from theServerWebExchange
- Specified by:
loadToken
in interfaceServerCsrfTokenRepository
- Parameters:
exchange
- theServerWebExchange
to use- Returns:
- the
CsrfToken
or null if none exists
-
setParameterName
Sets theHttpServletRequest
parameter name that theCsrfToken
is expected to appear on- Parameters:
parameterName
- the new parameter name to use
-
setHeaderName
Sets the header name that theCsrfToken
is expected to appear on and the header that the response will contain theCsrfToken
.- Parameters:
headerName
- the new header name to use
-
setSessionAttributeName
Sets theHttpSession
attribute name that theCsrfToken
is stored in- Parameters:
sessionAttributeName
- the new attribute name to use
-