Class: VertxWeb::CSRFHandler

Inherits:
Object
  • Object
show all
Defined in:
/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb

Overview

This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header. The behavior is to check the request body header and cookie for validity. This Handler requires session support, thus should be added somewhere below Session and Body handlers.

Constant Summary

@@j_api_type =
Object.new

Class Method Summary (collapse)

Instance Method Summary (collapse)

Class Method Details

+ (Boolean) accept?(obj)

Returns:

  • (Boolean)


25
26
27
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 25

def @@j_api_type.accept?(obj)
  obj.class == CSRFHandler
end

+ (::VertxWeb::CSRFHandler) create(vertx, secret)

Instantiate a new CSRFHandlerImpl with a secret


 CSRFHandler.create("s3cr37")

Parameters:

  • vertx (::Vertx::Vertx)
  • secret (String)
    server secret to sign the token.

Returns:



110
111
112
113
114
115
116
117
118
119
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 110

def self.create(*args)
  if args[0].class.method_defined?(:j_del) && args[1].class == String && !block_given?
    return ::Vertx::Util::Utils.safe_create(Java::IoVertxExtWebHandler::CSRFHandler.java_method(:create, [Java::IoVertxCore::Vertx.java_class,Java::java.lang.String.java_class]).call(args[0].j_del,args[1]),::VertxWeb::CSRFHandler)
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling create(#{args[0]},#{args[1]})"
  end
end


168
169
170
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 168

def self.DEFAULT_COOKIE_NAME
  Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_COOKIE_NAME
end


171
172
173
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 171

def self.DEFAULT_COOKIE_PATH
  Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_COOKIE_PATH
end

+ (Object) DEFAULT_HEADER_NAME



174
175
176
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 174

def self.DEFAULT_HEADER_NAME
  Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_HEADER_NAME
end

+ (Object) DEFAULT_RESPONSE_BODY



177
178
179
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 177

def self.DEFAULT_RESPONSE_BODY
  Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_RESPONSE_BODY
end

+ (Object) ERROR_MESSAGE



165
166
167
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 165

def self.ERROR_MESSAGE
  Java::IoVertxExtWebHandler::CSRFHandler.ERROR_MESSAGE
end

+ (Object) j_api_type



34
35
36
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 34

def self.j_api_type
  @@j_api_type
end

+ (Object) j_class



37
38
39
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 37

def self.j_class
  Java::IoVertxExtWebHandler::CSRFHandler.java_class
end

+ (Object) unwrap(obj)



31
32
33
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 31

def @@j_api_type.unwrap(obj)
  obj.j_del
end

+ (Object) wrap(obj)



28
29
30
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 28

def @@j_api_type.wrap(obj)
  CSRFHandler.new(obj)
end

Instance Method Details

- (void) handle(event)

This method returns an undefined value.

Something has happened, so handle it.

Parameters:



140
141
142
143
144
145
146
147
148
149
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 140

def handle(*args)
  if args[0].class.method_defined?(:j_del) && !block_given?
    return @j_del.java_method(:handle, [Java::IoVertxExtWeb::RoutingContext.java_class]).call(args[0].j_del)
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling handle(#{args[0]})"
  end
end
Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

Parameters:

  • name (String)
    a new name for the cookie.

Returns:

  • (self)


60
61
62
63
64
65
66
67
68
69
70
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 60

def set_cookie_name(*args)
  if args[0].class == String && !block_given?
    @j_del.java_method(:setCookieName, [Java::java.lang.String.java_class]).call(args[0])
    return self
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling set_cookie_name(#{args[0]})"
  end
end
Set the cookie path. By default / is used.

Parameters:

  • path (String)
    a new path for the cookie.

Returns:

  • (self)


154
155
156
157
158
159
160
161
162
163
164
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 154

def set_cookie_path(*args)
  if args[0].class == String && !block_given?
    @j_del.java_method(:setCookiePath, [Java::java.lang.String.java_class]).call(args[0])
    return self
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling set_cookie_path(#{args[0]})"
  end
end

- (self) setHeaderName(name)

Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

Parameters:

  • name (String)
    a new name for the header.

Returns:

  • (self)


125
126
127
128
129
130
131
132
133
134
135
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 125

def set_header_name(*args)
  if args[0].class == String && !block_given?
    @j_del.java_method(:setHeaderName, [Java::java.lang.String.java_class]).call(args[0])
    return self
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling set_header_name(#{args[0]})"
  end
end

- (self) setNagHttps(nag)

Should the handler give warning messages if this handler is used in other than https protocols?

Parameters:

  • nag (true, false)
    true to nag

Returns:

  • (self)


90
91
92
93
94
95
96
97
98
99
100
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 90

def set_nag_https(*args)
  if (args[0].class == TrueClass || args[0].class == FalseClass) && !block_given?
    @j_del.java_method(:setNagHttps, [Java::boolean.java_class]).call(args[0])
    return self
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling set_nag_https(#{args[0]})"
  end
end

- (self) setResponseBody(responseBody)

Set the body returned by the handler when the XSRF token is missing or invalid.

Parameters:

  • responseBody (String)
    the body of the response. If null, no response body will be returned.

Returns:

  • (self)


75
76
77
78
79
80
81
82
83
84
85
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 75

def set_response_body(*args)
  if args[0].class == String && !block_given?
    @j_del.java_method(:setResponseBody, [Java::java.lang.String.java_class]).call(args[0])
    return self
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling set_response_body(#{args[0]})"
  end
end

- (self) setTimeout(timeout)

Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

Parameters:

  • timeout (Fixnum)
    token timeout

Returns:

  • (self)


44
45
46
47
48
49
50
51
52
53
54
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 44

def set_timeout(*args)
  if args[0].class == Fixnum && !block_given?
    @j_del.java_method(:setTimeout, [Java::long.java_class]).call(args[0])
    return self
  end
  if defined?(super)
    super
  else
    raise ArgumentError, "Invalid arguments when calling set_timeout(#{args[0]})"
  end
end