1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.seasar.cubby.validator.validators;
18
19 import javax.servlet.http.HttpServletRequest;
20 import javax.servlet.http.HttpSession;
21
22 import org.seasar.cubby.action.MessageInfo;
23 import org.seasar.cubby.internal.controller.ThreadContext;
24 import org.seasar.cubby.internal.util.TokenHelper;
25 import org.seasar.cubby.tags.TokenTag;
26 import org.seasar.cubby.validator.ArrayFieldValidator;
27 import org.seasar.cubby.validator.ValidationContext;
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56 public class TokenValidator implements ArrayFieldValidator {
57
58
59
60
61 private final String messageKey;
62
63
64
65
66 public TokenValidator() {
67 this("valid.token");
68 }
69
70
71
72
73
74
75
76 public TokenValidator(final String messageKey) {
77 this.messageKey = messageKey;
78 }
79
80
81
82
83 public void validate(final ValidationContext context, final Object[] values) {
84 if (values == null) {
85 return;
86 }
87
88 if (values.length == 1) {
89 final String token = (String) values[0];
90 final ThreadContext currentContext = ThreadContext
91 .getCurrentContext();
92 final HttpServletRequest request = currentContext.getRequest();
93 final HttpSession session = request.getSession(false);
94 if (session == null) {
95 return;
96 }
97 if (TokenHelper.validateToken(session, token)) {
98 return;
99 }
100 }
101
102 final MessageInfo messageInfo = new MessageInfo();
103 messageInfo.setKey(this.messageKey);
104 context.addMessageInfo(messageInfo);
105 }
106 }