Package org.springframework.security.web.csrf

Class LazyCsrfTokenRepository

java.lang.Object

org.springframework.security.web.csrf.LazyCsrfTokenRepository

All Implemented Interfaces:

CsrfTokenRepository

@Deprecated
public final class LazyCsrfTokenRepository
extends Object
implements CsrfTokenRepository

Deprecated.

Use CsrfTokenRepository.loadDeferredToken(HttpServletRequest, HttpServletResponse) which returns a DeferredCsrfToken

A CsrfTokenRepository that delays saving new CsrfToken until the attributes of the CsrfToken that were generated are accessed.

Since:

4.1

Constructor Summary

Constructors

Constructor	Description
LazyCsrfTokenRepository(CsrfTokenRepository delegate)	Deprecated. Creates a new instance

Method Summary

Modifier and Type	Method	Description
CsrfToken	generateToken(jakarta.servlet.http.HttpServletRequest request)	Deprecated. Generates a new token
CsrfToken	loadToken(jakarta.servlet.http.HttpServletRequest request)	Deprecated. Delegates to the injected CsrfTokenRepository
void	saveToken(CsrfToken token, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)	Deprecated. Does nothing if the CsrfToken is not null.
void	setDeferLoadToken(boolean deferLoadToken)	Deprecated. Determines if loadToken(HttpServletRequest) should be lazily loaded.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.web.csrf.CsrfTokenRepository

loadDeferredToken

Constructor Details

LazyCsrfTokenRepository

public LazyCsrfTokenRepository(CsrfTokenRepository delegate)

Deprecated.

Creates a new instance

Parameters:

delegate - the CsrfTokenRepository to use. Cannot be null

Throws:

IllegalArgumentException - if delegate is null.

Method Details

setDeferLoadToken

public void setDeferLoadToken(boolean deferLoadToken)

Deprecated.

Determines if loadToken(HttpServletRequest) should be lazily loaded.

Parameters:

deferLoadToken - true if should lazily load loadToken(HttpServletRequest). Default false.

generateToken

public CsrfToken generateToken(jakarta.servlet.http.HttpServletRequest request)

Deprecated.

Generates a new token

Specified by:

generateToken in interface CsrfTokenRepository

Parameters:

request - the HttpServletRequest to use. The HttpServletRequest must have the HttpServletResponse as an attribute with the name of HttpServletResponse.class.getName()

Returns:

the CsrfToken that was generated. Cannot be null.

saveToken

public void saveToken(CsrfToken token,
 jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

Deprecated.

Does nothing if the CsrfToken is not null. Saving is done only when the CsrfToken.getToken() is accessed from generateToken(HttpServletRequest). If it is null, then the save is performed immediately.

Specified by:

saveToken in interface CsrfTokenRepository

Parameters:

token - the CsrfToken to save or null to delete

request - the HttpServletRequest to use

response - the HttpServletResponse to use

loadToken

public CsrfToken loadToken(jakarta.servlet.http.HttpServletRequest request)

Deprecated.

Delegates to the injected CsrfTokenRepository

Specified by:

loadToken in interface CsrfTokenRepository

Parameters:

request - the HttpServletRequest to use

Returns:

the CsrfToken or null if none exists