Class XsrfTokenManager

java.lang.Object
google.registry.security.XsrfTokenManager

public final class XsrfTokenManager extends Object
Helper class for generating and validate XSRF tokens.
  • Field Details

    • X_CSRF_TOKEN

      public static final String X_CSRF_TOKEN
      HTTP header or cookie name used for transmitting XSRF tokens.
      See Also:
    • P_CSRF_TOKEN

      public static final String P_CSRF_TOKEN
      POST parameter used for transmitting XSRF tokens.
      See Also:
  • Constructor Details

    • XsrfTokenManager

      @Inject public XsrfTokenManager(Clock clock)
  • Method Details

    • generateToken

      public String generateToken(String email)
      Generates an XSRF token for a given user based on email address.
    • validateToken

      public boolean validateToken(String email, String token)
      Validates an XSRF token against the current logged-in user.