1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.seasar.cubby.validator.validators;
17
18 import javax.servlet.http.HttpServletRequest;
19 import javax.servlet.http.HttpSession;
20
21 import org.seasar.cubby.internal.controller.ThreadContext;
22 import org.seasar.cubby.internal.util.TokenHelper;
23 import org.seasar.cubby.tags.TokenTag;
24 import org.seasar.cubby.validator.ArrayFieldValidator;
25 import org.seasar.cubby.validator.MessageHelper;
26 import org.seasar.cubby.validator.ValidationContext;
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42 public class TokenValidator implements ArrayFieldValidator {
43
44
45
46
47 private final MessageHelper messageHelper;
48
49
50
51
52 public TokenValidator() {
53 this("valid.token");
54 }
55
56
57
58
59
60
61
62 public TokenValidator(final String messageKey) {
63 this.messageHelper = new MessageHelper(messageKey);
64 }
65
66
67
68
69 public void validate(final ValidationContext context, final Object[] values) {
70 if (values == null) {
71 return;
72 }
73 if (values.length != 1) {
74 context.addMessageInfo(this.messageHelper.createMessageInfo());
75 } else {
76 final String token = (String) values[0];
77 final HttpServletRequest request = ThreadContext.getRequest();
78 final HttpSession session = request.getSession(false);
79 if (session != null) {
80 if (!TokenHelper.validateToken(session, token)) {
81 context.addMessageInfo(this.messageHelper
82 .createMessageInfo());
83 }
84 }
85 }
86 }
87 }