Trait/Object

play.api.libs.crypto

CSRFTokenSigner

Related Docs: object CSRFTokenSigner | package crypto

Permalink

trait CSRFTokenSigner extends AnyRef

Cryptographic utilities for generating and validating CSRF tokens.

This trait should not be used as a general purpose encryption utility.

Source
Crypto.scala
Linear Supertypes
AnyRef, Any
Known Subclasses
Crypto, DefaultCSRFTokenSigner
Ordering
  1. Alphabetic
  2. By inheritance
Inherited
  1. CSRFTokenSigner
  2. AnyRef
  3. Any
  1. Hide All
  2. Show all
Visibility
  1. Public
  2. All

Abstract Value Members

  1. abstract def compareSignedTokens(tokenA: String, tokenB: String): Boolean

    Permalink

    Compare two signed tokens

  2. abstract def constantTimeEquals(a: String, b: String): Boolean

    Permalink

    Constant time equals method.

    Constant time equals method.

    Given a length that both Strings are equal to, this method will always run in constant time. This prevents timing attacks.

  3. abstract def extractSignedToken(token: String): Option[String]

    Permalink

    Extract a signed token that was signed by play.api.libs.Crypto.signToken.

    Extract a signed token that was signed by play.api.libs.Crypto.signToken.

    token

    The signed token to extract.

    returns

    The verified raw token, or None if the token isn't valid.

  4. abstract def generateSignedToken: String

    Permalink

    Generates a signed token.

  5. abstract def generateToken: String

    Permalink

    Generates a cryptographically secure token.

  6. abstract def signToken(token: String): String

    Permalink

    Sign a token.

    Sign a token. This produces a new token, that has this token signed with a nonce.

    This primarily exists to defeat the BREACH vulnerability, as it allows the token to effectively be random per request, without actually changing the value.

    token

    The token to sign

    returns

    The signed token

Concrete Value Members

  1. final def !=(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  2. final def ##(): Int

    Permalink
    Definition Classes
    AnyRef → Any

  3. final def ==(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  4. final def asInstanceOf[T0]: T0

    Permalink
    Definition Classes
    Any

  5. def clone(): AnyRef

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  6. final def eq(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef

  7. def equals(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  8. def finalize(): Unit

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )

  9. final def getClass(): Class[_]

    Permalink
    Definition Classes
    AnyRef → Any

  10. def hashCode(): Int

    Permalink
    Definition Classes
    AnyRef → Any

  11. final def isInstanceOf[T0]: Boolean

    Permalink
    Definition Classes
    Any

  12. final def ne(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef

  13. final def notify(): Unit

    Permalink
    Definition Classes
    AnyRef

  14. final def notifyAll(): Unit

    Permalink
    Definition Classes
    AnyRef

  15. final def synchronized[T0](arg0: ⇒ T0): T0

    Permalink
    Definition Classes
    AnyRef

  16. def toString(): String

    Permalink
    Definition Classes
    AnyRef → Any

  17. final def wait(): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  18. final def wait(arg0: Long, arg1: Int): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  19. final def wait(arg0: Long): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

Inherited from AnyRef

Inherited from Any

Ungrouped