1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.seasar.cubby.validator.validators;
17
18 import javax.servlet.http.HttpServletRequest;
19 import javax.servlet.http.HttpSession;
20
21 import org.seasar.cubby.controller.ThreadContext;
22 import org.seasar.cubby.tags.TokenTag;
23 import org.seasar.cubby.util.TokenHelper;
24 import org.seasar.cubby.validator.ArrayFieldValidator;
25 import org.seasar.cubby.validator.MessageHelper;
26 import org.seasar.cubby.validator.ValidationContext;
27 import org.seasar.framework.message.MessageFormatter;
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43 public class TokenValidator implements ArrayFieldValidator {
44
45 private final MessageHelper messageHelper;
46
47
48
49
50 public TokenValidator() {
51 this("valid.token");
52 }
53
54
55
56
57
58
59
60 public TokenValidator(final String messageKey) {
61 this.messageHelper = new MessageHelper(messageKey);
62 }
63
64
65
66
67 public void validate(final ValidationContext context, final Object[] values) {
68 if (values != null && values.length != 1) {
69 context.addMessageInfo(this.messageHelper.createMessageInfo());
70 } else {
71 final String token = (String) values[0];
72 final HttpServletRequest request = ThreadContext.getRequest();
73 if (request == null) {
74 throw new IllegalStateException(MessageFormatter.getMessage("ECUB0401", null));
75 }
76 final HttpSession session = request.getSession();
77 if (!TokenHelper.validateToken(session, token)) {
78 context.addMessageInfo(this.messageHelper.createMessageInfo());
79 }
80 }
81 }
82 }