zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-14 16:37:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

Refactor a few new XsrfTokenManager methods

Browse source 
Followup to comments on []

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=148792464
This commit is contained in:
nickfelt 2017-02-28 11:17:35 -08:00 committed by Ben McIlwain
parent 822cbc0494
commit 726e925b4a
5 changed files with 28 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

26
java/google/registry/security/XsrfTokenManager.java
View file

@ -68,24 +68,13 @@ public final class XsrfTokenManager {
.asBytes());
}
/**
* Generate an xsrf token for a given scope using the email of the logged in user or else no user.
*
* <p>If there is no user, the entire xsrf check becomes basically a no-op, but that's ok because
* any callback that doesn't have a user shouldn't be able to access any per-user resources
* anyways.
*
* <p>The scope (or lack thereof) is passed to {@link #encodeToken}. Use of a scope in xsrf tokens
* is deprecated; instead, use the no-argument version.
*/
@Deprecated
public String generateTokenWithCurrentUser(@Nullable String scope) {
return generateTokenSub(scope, getLoggedInEmailOrEmpty());
}
/**
* Generate an xsrf token for a given scope and user.
*
* <p>If there is no user (email is an empty string), the entire xsrf check becomes basically a
* no-op, but that's ok because any callback that doesn't have a user shouldn't be able to access
* any per-user resources anyways.
*
* <p>The scope (or lack thereof) is passed to {@link #encodeToken}. Use of a scope in xsrf tokens
* is deprecated; instead, use the no-argument version.
*/
@ -97,18 +86,13 @@ public final class XsrfTokenManager {
/** Generate an xsrf token for a given user. */
public String generateToken(String email) {
return generateTokenSub(null, email);
return generateToken(null, email);
}
private String getLoggedInEmailOrEmpty() {
return userService.isUserLoggedIn() ? userService.getCurrentUser().getEmail() : "";
}
private String generateTokenSub(@Nullable String scope, String email) {
long now = clock.nowUtc().getMillis();
return Joiner.on(':').join(encodeToken(now, scope, email), now);
}
/**
* Validate an xsrf token, given the scope it was used for.
*