Package com.axelor.auth.pac4j

Class AxelorCsrfAuthorizer

java.lang.Object
org.pac4j.core.authorization.authorizer.CsrfAuthorizer
com.axelor.auth.pac4j.AxelorCsrfAuthorizer
All Implemented Interfaces:
org.pac4j.core.authorization.authorizer.Authorizer
@Singleton public class AxelorCsrfAuthorizer extends org.pac4j.core.authorization.authorizer.CsrfAuthorizer

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    CSRF_AUTHORIZER_NAME
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    AxelorCsrfAuthorizer(ClientListService clientListService)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    isAuthorized(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore, List<org.pac4j.core.profile.UserProfile> profiles)
    Checks if the user profiles and / or the current web context are authorized.

    Methods inherited from class org.pac4j.core.authorization.authorizer.CsrfAuthorizer

    getHeaderName, getParameterName, hashEquals, isCheckAllRequests, setCheckAllRequests, setHeaderName, setParameterName, toString

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

  • Field Details

  • Constructor Details

    • AxelorCsrfAuthorizer

      @Inject public AxelorCsrfAuthorizer(ClientListService clientListService)

  • Method Details

    • isAuthorized

      public boolean isAuthorized(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore, List<org.pac4j.core.profile.UserProfile> profiles)
      Checks if the user profiles and / or the current web context are authorized.

      No CSRF check needed for native and direct clients.

      Specified by:
      isAuthorized in interface org.pac4j.core.authorization.authorizer.Authorizer
      Overrides:
      isAuthorized in class org.pac4j.core.authorization.authorizer.CsrfAuthorizer
      Parameters:
      context - the web context
      sessionStore - the session store
      profiles - the user profiles
      Returns:
      if the access is authorized