tokenhelper.java

struts 2 核心包 的源码 有错误是难免的

// Decompiled by Jad v1.5.8e2. Copyright 2001 Pavel Kouznetsov.
// Jad home page: http://kpdus.tripod.com/jad.html
// Decompiler options: packimports(3) fieldsfirst ansi space 
// Source File Name:   TokenHelper.java

package org.apache.struts2.util;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.util.LocalizedTextUtil;
import java.math.BigInteger;
import java.util.Map;
import java.util.Random;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class TokenHelper
{

	public static final String DEFAULT_TOKEN_NAME = "struts.token";
	public static final String TOKEN_NAME_FIELD = "struts.token.name";
	private static final Log LOG = LogFactory.getLog(org/apache/struts2/util/TokenHelper);
	private static final Random RANDOM = new Random();

	public TokenHelper()
	{
	}

	public static String setToken()
	{
		return setToken("struts.token");
	}

	public static String setToken(String tokenName)
	{
		Map session = ActionContext.getContext().getSession();
		String token = generateGUID();
		try
		{
			session.put(tokenName, token);
		}
		catch (IllegalStateException e)
		{
			String msg = (new StringBuilder()).append("Error creating HttpSession due response is commited to client. You can use the CreateSessionInterceptor or create the HttpSession from your action before the result is rendered to the client: ").append(e.getMessage()).toString();
			LOG.error(msg, e);
			throw new IllegalArgumentException(msg);
		}
		return token;
	}

	public static String getToken()
	{
		return getToken("struts.token");
	}

	public static String getToken(String tokenName)
	{
		Map params = ActionContext.getContext().getParameters();
		String tokens[] = (String[])(String[])params.get(tokenName);
		if (tokens == null || tokens.length < 1)
		{
			LOG.warn((new StringBuilder()).append("Could not find token mapped to token name ").append(tokenName).toString());
			return null;
		} else
		{
			String token = tokens[0];
			return token;
		}
	}

	public static String getTokenName()
	{
		Map params = ActionContext.getContext().getParameters();
		if (!params.containsKey("struts.token.name"))
		{
			LOG.warn("Could not find token name in params.");
			return null;
		}
		String tokenNames[] = (String[])(String[])params.get("struts.token.name");
		if (tokenNames == null || tokenNames.length < 1)
		{
			LOG.warn("Got a null or empty token name.");
			return null;
		} else
		{
			String tokenName = tokenNames[0];
			return tokenName;
		}
	}

	public static boolean validToken()
	{
		String tokenName = getTokenName();
		if (tokenName == null)
		{
			if (LOG.isDebugEnabled())
				LOG.debug("no token name found -> Invalid token ");
			return false;
		}
		String token = getToken(tokenName);
		if (token == null)
		{
			if (LOG.isDebugEnabled())
				LOG.debug((new StringBuilder()).append("no token found for token name ").append(tokenName).append(" -> Invalid token ").toString());
			return false;
		}
		Map session = ActionContext.getContext().getSession();
		String sessionToken = (String)session.get(tokenName);
		if (!token.equals(sessionToken))
		{
			LOG.warn(LocalizedTextUtil.findText(org/apache/struts2/util/TokenHelper, "struts.internal.invalid.token", ActionContext.getContext().getLocale(), "Form token {0} does not match the session token {1}.", new Object[] {
				token, sessionToken
			}));
			return false;
		} else
		{
			session.remove(tokenName);
			return true;
		}
	}

	public static String generateGUID()
	{
		return (new BigInteger(165, RANDOM)).toString(36).toUpperCase();
	}

}