Package org.openrefine.commands
Class CSRFTokenFactory
- java.lang.Object
-
- org.openrefine.commands.CSRFTokenFactory
-
public class CSRFTokenFactory extends Object
Generates CSRF tokens and checks their validity.- Author:
- Antonin Delpeuch
-
-
Field Summary
Fields Modifier and Type Field Description protected SecureRandomrngRandom number generator used to create tokensprotected longtimeToLiveTime to live for tokens, in secondsprotected com.google.common.cache.LoadingCache<String,Instant>tokenCacheMaps each token to the time it was generatedprotected inttokenLengthLength of the tokens to generate
-
Constructor Summary
Constructors Constructor Description CSRFTokenFactory(long timeToLive, int tokenLength)Constructs a new CSRF token factory.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetFreshToken()Generates a fresh CSRF token, which will remain valid for the configured amount of time.booleanvalidToken(String token)Checks that a given CSRF token is valid.
-
-
-
Field Detail
-
tokenCache
protected final com.google.common.cache.LoadingCache<String,Instant> tokenCache
Maps each token to the time it was generated
-
timeToLive
protected final long timeToLive
Time to live for tokens, in seconds
-
tokenLength
protected final int tokenLength
Length of the tokens to generate
-
rng
protected final SecureRandom rng
Random number generator used to create tokens
-
-
Method Detail
-
getFreshToken
public String getFreshToken()
Generates a fresh CSRF token, which will remain valid for the configured amount of time.
-
validToken
public boolean validToken(String token)
Checks that a given CSRF token is valid.- Parameters:
token- the token to verify- Returns:
- true if the token is valid
-
-