1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.seasar.cubby.validator.validators;
17
18 import javax.servlet.http.HttpServletRequest;
19 import javax.servlet.http.HttpSession;
20
21 import org.seasar.cubby.action.MessageInfo;
22 import org.seasar.cubby.internal.controller.ThreadContext;
23 import org.seasar.cubby.internal.util.TokenHelper;
24 import org.seasar.cubby.tags.TokenTag;
25 import org.seasar.cubby.validator.ArrayFieldValidator;
26 import org.seasar.cubby.validator.ValidationContext;
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55 public class TokenValidator implements ArrayFieldValidator {
56
57
58
59
60 private final String messageKey;
61
62
63
64
65 public TokenValidator() {
66 this("valid.token");
67 }
68
69
70
71
72
73
74
75 public TokenValidator(final String messageKey) {
76 this.messageKey = messageKey;
77 }
78
79
80
81
82 public void validate(final ValidationContext context, final Object[] values) {
83 if (values == null) {
84 return;
85 }
86
87 if (values.length == 1) {
88 final String token = (String) values[0];
89 final HttpServletRequest request = ThreadContext.getRequest();
90 final HttpSession session = request.getSession(false);
91 if (session == null) {
92 return;
93 }
94 if (TokenHelper.validateToken(session, token)) {
95 return;
96 }
97 }
98
99 final MessageInfo messageInfo = new MessageInfo();
100 messageInfo.setKey(this.messageKey);
101 context.addMessageInfo(messageInfo);
102 }
103 }