1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.seasar.cubby.validator.validators;
17
18 import javax.servlet.http.HttpServletRequest;
19 import javax.servlet.http.HttpSession;
20
21 import org.seasar.cubby.action.MessageInfo;
22 import org.seasar.cubby.internal.controller.ThreadContext;
23 import org.seasar.cubby.internal.util.TokenHelper;
24 import org.seasar.cubby.tags.TokenTag;
25 import org.seasar.cubby.validator.ArrayFieldValidator;
26 import org.seasar.cubby.validator.ValidationContext;
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54 public class TokenValidator implements ArrayFieldValidator {
55
56
57
58
59 private final String messageKey;
60
61
62
63
64 public TokenValidator() {
65 this("valid.token");
66 }
67
68
69
70
71
72
73
74 public TokenValidator(final String messageKey) {
75 this.messageKey = messageKey;
76 }
77
78
79
80
81 public void validate(final ValidationContext context, final Object[] values) {
82 if (values == null) {
83 return;
84 }
85
86 if (values.length == 1) {
87 final String token = (String) values[0];
88 final HttpServletRequest request = ThreadContext.getRequest();
89 final HttpSession session = request.getSession(false);
90 if (session == null) {
91 return;
92 }
93 if (TokenHelper.validateToken(session, token)) {
94 return;
95 }
96 }
97
98 final MessageInfo messageInfo = new MessageInfo();
99 messageInfo.setKey(this.messageKey);
100 context.addMessageInfo(messageInfo);
101 }
102 }