File CSRFTokenInvalidator.java

Branches:

Statements:

Methods:

Classes:

LOC:

NCLOC:

Total complexity:

Complexity density:

Statements/Method:

Methods/Class:

Average method complexity:

Classes

Class	Line #	Total Statements	% Filtered	Complexity	Uncovered Elements	TOTAL Coverage	Actions
CSRFTokenInvalidator	47	3	0%	3	2	0.666666766.7%

Class CSRFTokenInvalidator

Class CSRFTokenInvalidator	Line # 47	Total Statements 3	% Filtered 0%	Complexity 3	Uncovered Elements 2	TOTAL Coverage 0.666666766.7%
getEvents() : List<Event> getEvents() : List<Event>	5353	1.01	0.00%	1.01	0.00	1.0 1.0100%
getName() : String getName() : String	5959	1.01	0.00%	1.01	1.01	0.0 0.00%
onEvent(Event,Object,Object) : void onEvent(Event,Object,Object) : void	6565	1.01	0.00%	1.01	0.00	1.0 1.0100%

Contributing tests

No tests hitting this source file were found.

Source view

* See the NOTICE file distributed with this work for additional

* information regarding copyright ownership.

* This is free software; you can redistribute it and/or modify it

* under the terms of the GNU Lesser General Public License as

* published by the Free Software Foundation; either version 2.1 of

* the License, or (at your option) any later version.

* This software is distributed in the hope that it will be useful,

* but WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* Lesser General Public License for more details.

* You should have received a copy of the GNU Lesser General Public

* License along with this software; if not, write to the Free

* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA

* 02110-1301 USA, or see the FSF site: http://www.fsf.org.

package org.xwiki.csrf.internal;

import java.util.Collections;

import java.util.List;

import javax.inject.Inject;

import javax.inject.Named;

import javax.inject.Singleton;

import org.xwiki.bridge.event.ActionExecutingEvent;

import org.xwiki.component.annotation.Component;

import org.xwiki.csrf.CSRFToken;

import org.xwiki.observation.EventListener;

import org.xwiki.observation.event.Event;

/**

* {@link EventListener} which will invalidate the CSRF token for the current user whenever a {@code /logout/} action

* occurs.

* @version $Id: a4bd1849a2ead6128864ebc6138be434f2061a57 $

* @since 4.0M1

// FIXME This is currently disabled because at the time this event is sent, the user has already been removed from the

// context, so we're messing things up for guests.

@Component(staticRegistration = false)

@Named("csrf-token-invalidator")

@Singleton

public class CSRFTokenInvalidator implements EventListener

{

/** CSRF Token manager. */

@Inject

private CSRFToken tokenManager;

@Override

public List<Event> getEvents()

{

return Collections.<Event> singletonList(new ActionExecutingEvent("logout"));

}

@Override

public String getName()

{

return "csrf-token-invalidator";

}

@Override

public void onEvent(Event event, Object source, Object data)

{

this.tokenManager.clearToken();

}

XWiki Enterprise - Parent POM 9.0-SNAPSHOT

File CSRFTokenInvalidator.java

Coverage histogram

Code metrics

Classes

Class CSRFTokenInvalidator

Contributing tests

Source view