Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
TokenValidator |
|
| 1.6666666666666667;1.667 |
1 | /* | |
2 | * Copyright 2004-2008 the Seasar Foundation and the Others. | |
3 | * | |
4 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
5 | * you may not use this file except in compliance with the License. | |
6 | * You may obtain a copy of the License at | |
7 | * | |
8 | * http://www.apache.org/licenses/LICENSE-2.0 | |
9 | * | |
10 | * Unless required by applicable law or agreed to in writing, software | |
11 | * distributed under the License is distributed on an "AS IS" BASIS, | |
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, | |
13 | * either express or implied. See the License for the specific language | |
14 | * governing permissions and limitations under the License. | |
15 | */ | |
16 | package org.seasar.cubby.validator.validators; | |
17 | ||
18 | import javax.servlet.http.HttpSession; | |
19 | ||
20 | import org.seasar.cubby.controller.ThreadContext; | |
21 | import org.seasar.cubby.tags.TokenTag; | |
22 | import org.seasar.cubby.util.TokenHelper; | |
23 | import org.seasar.cubby.validator.ArrayFieldValidator; | |
24 | import org.seasar.cubby.validator.MessageHelper; | |
25 | import org.seasar.cubby.validator.ValidationContext; | |
26 | ||
27 | /** | |
28 | * 2重サブミットの検証をします。 | |
29 | * <p> | |
30 | * ポストする画面で{@link TokenTag}を使用して、Actionクラスで TokenValidatorを使用することで、 | |
31 | * 2重サブミットを防止します。 | |
32 | * </p> | |
33 | * <p> | |
34 | * デフォルトエラーメッセージキー:valid.token | |
35 | * </p> | |
36 | * | |
37 | * @author agata | |
38 | * @author baba | |
39 | * @since 1.0.0 | |
40 | */ | |
41 | public class TokenValidator implements ArrayFieldValidator { | |
42 | ||
43 | private final MessageHelper messageHelper; | |
44 | ||
45 | /** | |
46 | * コンストラクタ | |
47 | */ | |
48 | public TokenValidator() { | |
49 | 1 | this("valid.token"); |
50 | 1 | } |
51 | ||
52 | /** | |
53 | * エラーメッセージキーを指定するコンストラクタ | |
54 | * | |
55 | * @param messageKey | |
56 | * エラーメッセージキー | |
57 | */ | |
58 | 1 | public TokenValidator(final String messageKey) { |
59 | 1 | this.messageHelper = new MessageHelper(messageKey); |
60 | 1 | } |
61 | ||
62 | /** | |
63 | * {@inheritDoc} | |
64 | */ | |
65 | public void validate(final ValidationContext context, final Object[] values) { | |
66 | 3 | if (values != null && values.length != 1) { |
67 | 0 | context.addMessageInfo(this.messageHelper.createMessageInfo()); |
68 | } else { | |
69 | 3 | final String token = (String) values[0]; |
70 | 3 | final HttpSession session = ThreadContext.getRequest().getSession(); |
71 | 3 | if (!TokenHelper.validateToken(session, token)) { |
72 | 2 | context.addMessageInfo(this.messageHelper.createMessageInfo()); |
73 | } | |
74 | } | |
75 | 3 | } |
76 | } |