diff options
| author | Julien Lancelot <julien.lancelot@sonarsource.com> | 2018-07-26 14:47:51 +0200 |
|---|---|---|
| committer | SonarTech <sonartech@sonarsource.com> | 2018-07-31 20:21:25 +0200 |
| commit | 5dab6708e0f56f6f93302d32782d8d389b7b107a (patch) | |
| tree | dbf01031f610a87fc20553dda75607a24e56e0df /sonar-plugin-api/src/main/java | |
| parent | 22646a25ffc8d046daf971b3c9d1dfc59e902d4e (diff) | |
| download | sonarqube-5dab6708e0f56f6f93302d32782d8d389b7b107a.tar.gz sonarqube-5dab6708e0f56f6f93302d32782d8d389b7b107a.zip | |
SONAR-11072 Allow customization of request parameter used to check CSRF state
Diffstat (limited to 'sonar-plugin-api/src/main/java')
| -rw-r--r-- | sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/OAuth2IdentityProvider.java | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/OAuth2IdentityProvider.java b/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/OAuth2IdentityProvider.java index ac9395efa24..6ef11a059fd 100644 --- a/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/OAuth2IdentityProvider.java +++ b/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/OAuth2IdentityProvider.java @@ -76,11 +76,21 @@ public interface OAuth2IdentityProvider extends IdentityProvider { /** * Check that the state is valid. + * The state will be read from the 'state' parameter of the HTTP request + * * It should only be called If {@link InitContext#generateCsrfState()} was used in the init */ void verifyCsrfState(); /** + * Check that the state is valid + * The state will be read from the given parameter name of the HTTP request + * + * It should only be called If {@link InitContext#generateCsrfState()} was used in the init + */ + void verifyCsrfState(String parameterName); + + /** * Redirect the request to the requested page. * Must be called at the end of {@link OAuth2IdentityProvider#callback(CallbackContext)} */ |