CsrfProtection (OpenAM Project 15.1.7-SNAPSHOT API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- org.forgerock.oauth2.core.CsrfProtection

```
public class CsrfProtection
extends Object
```
This class provides methods for checking if a request is a part of a cross-site request forgery attack (CSRF).

Constructor Summary

Constructors
Constructor and Description

CsrfProtection(ResourceOwnerSessionValidator resourceOwnerSessionValidator)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`isCsrfAttack(OAuth2Request request)` Checks if the request contains the required "csrf" parameter and check it equals the users session id.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CsrfProtection
```
@Inject
public CsrfProtection(ResourceOwnerSessionValidator resourceOwnerSessionValidator)
```
- Method Detail
  - isCsrfAttack
```
public boolean isCsrfAttack(OAuth2Request request)
```
    Checks if the request contains the required "csrf" parameter and check it equals the users session id.
    
    Parameters:
    
    request - The request.
    
    Returns:
    
    true if the request is a CSRF attack, false if not.

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.