com.mohiva.play.silhouette.impl.providers.state
CsrfStateItemHandler
Companion object CsrfStateItemHandler
class CsrfStateItemHandler extends SocialStateItemHandler with Logger with PublishableSocialStateItemHandler
Protects the application against CSRF attacks.
The handler stores a unique token in provider state and the same token in a signed client side cookie. After the provider redirects back to the application both tokens will be compared. If both tokens are the same than the application can trust the redirect source.
- Alphabetic
- By Inheritance
- CsrfStateItemHandler
- PublishableSocialStateItemHandler
- Logger
- SocialStateItemHandler
- AnyRef
- Any
- Hide All
- Show All
- Public
- All
Instance Constructors
-
new
CsrfStateItemHandler(settings: CsrfStateSettings, idGenerator: IDGenerator, signer: Signer)
- settings
The state settings.
- idGenerator
The ID generator used to create the state value.
- signer
The signer implementation.
- Annotations
- @Inject()
Type Members
-
type
Item = CsrfStateItem
The item the handler can handle.
The item the handler can handle.
- Definition Classes
- CsrfStateItemHandler → SocialStateItemHandler
Value Members
-
final
def
!=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
##(): Int
- Definition Classes
- AnyRef → Any
-
final
def
==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
asInstanceOf[T0]: T0
- Definition Classes
- Any
-
def
canHandle[B](item: ItemStructure)(implicit request: ExtractableRequest[B]): Boolean
Indicates if a handler can handle the given unserialized state item.
Indicates if a handler can handle the given unserialized state item.
This method should check if the unserialize method of this handler can unserialize the given serialized state item.
- B
The type of the request body.
- item
The item to check for.
- request
The request instance to get additional data to validate against.
- returns
True if the handler can handle the given state item, false otherwise.
- Definition Classes
- CsrfStateItemHandler → SocialStateItemHandler
-
def
canHandle(item: SocialStateItem): Option[Item]
Indicates if a handler can handle the given SocialStateItem.
Indicates if a handler can handle the given SocialStateItem.
This method should check if the serialize method of this handler can serialize the given unserialized state item.
- item
The item to check for.
- returns
Some[Item]casted state item if the handler can handle the given state item,Noneotherwise.
- Definition Classes
- CsrfStateItemHandler → SocialStateItemHandler
-
def
clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native()
-
final
def
eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
def
equals(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
finalize(): Unit
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( classOf[java.lang.Throwable] )
-
final
def
getClass(): Class[_]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
def
hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
final
def
isInstanceOf[T0]: Boolean
- Definition Classes
- Any
-
def
item(implicit ec: ExecutionContext): Future[Item]
Gets the state item the handler can handle.
Gets the state item the handler can handle.
- ec
The execution context to handle the asynchronous operations.
- returns
The state params the handler can handle.
- Definition Classes
- CsrfStateItemHandler → SocialStateItemHandler
-
val
logger: Logger
A named logger instance.
A named logger instance.
- Definition Classes
- Logger
-
final
def
ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
final
def
notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
final
def
notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
def
publish[B](item: Item, result: Result)(implicit request: ExtractableRequest[B]): Result
Publishes the CSRF token to the client.
Publishes the CSRF token to the client.
- B
The type of the request body.
- item
The item to publish.
- result
The result to send to the client.
- request
The current request.
- returns
The result to send to the client.
- Definition Classes
- CsrfStateItemHandler → PublishableSocialStateItemHandler
-
def
serialize(item: Item): ItemStructure
Returns a serialized value of the state item.
Returns a serialized value of the state item.
- item
The state item to serialize.
- returns
The serialized state item.
- Definition Classes
- CsrfStateItemHandler → SocialStateItemHandler
-
final
def
synchronized[T0](arg0: ⇒ T0): T0
- Definition Classes
- AnyRef
-
def
toString(): String
- Definition Classes
- AnyRef → Any
-
def
unserialize[B](item: ItemStructure)(implicit request: ExtractableRequest[B], ec: ExecutionContext): Future[Item]
Unserializes the state item.
Unserializes the state item.
- B
The type of the request body.
- item
The state item to unserialize.
- request
The request instance to get additional data to validate against.
- ec
The execution context to handle the asynchronous operations.
- returns
The unserialized state item.
- Definition Classes
- CsrfStateItemHandler → SocialStateItemHandler
-
final
def
wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native()