001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.security.pacl.permission.PortalRuntimePermission;
019    
020    import javax.servlet.http.HttpServletRequest;
021    
022    /**
023     * @author Amos Fong
024     */
025    public class AuthTokenUtil {
026    
027            /**
028             * @deprecated As of 6.2.0, replaced by {@link
029             *             #checkCSRFToken(HttpServletRequest, String)}
030             */
031            public static void check(HttpServletRequest request)
032                    throws PortalException {
033    
034                    getAuthToken().check(request);
035            }
036    
037            public static void checkCSRFToken(HttpServletRequest request, String origin)
038                    throws PrincipalException {
039    
040                    getAuthToken().checkCSRFToken(request, origin);
041            }
042    
043            public static AuthToken getAuthToken() {
044                    PortalRuntimePermission.checkGetBeanProperty(AuthTokenUtil.class);
045    
046                    return _authToken;
047            }
048    
049            public static String getToken(HttpServletRequest request) {
050                    return getAuthToken().getToken(request);
051            }
052    
053            public static String getToken(
054                    HttpServletRequest request, long plid, String portletId) {
055    
056                    return getAuthToken().getToken(request, plid, portletId);
057            }
058    
059            public static boolean isValidPortletInvocationToken(
060                    HttpServletRequest request, long plid, String portletId,
061                    String strutsAction, String tokenValue) {
062    
063                    return getAuthToken().isValidPortletInvocationToken(
064                            request, plid, portletId, strutsAction, tokenValue);
065            }
066    
067            public void setAuthToken(AuthToken authToken) {
068                    PortalRuntimePermission.checkSetBeanProperty(getClass());
069    
070                    _authToken = authToken;
071            }
072    
073            private static AuthToken _authToken;
074    
075    }