001    package railo.runtime.functions.csrf;
002    
003    import railo.runtime.PageContext;
004    import railo.runtime.exp.ExpressionException;
005    import railo.runtime.exp.PageException;
006    import railo.runtime.ext.function.Function;
007    import railo.runtime.type.scope.Session;
008    import railo.runtime.type.scope.storage.StorageScope;
009    
010    public class CSRFGenerateToken implements Function {
011            
012            private static final long serialVersionUID = -2411153524245619987L;
013    
014            public static String call(PageContext pc) throws PageException {
015                    return call(pc, null, false);
016            }
017            public static String call(PageContext pc, String key) throws PageException {
018                    return call(pc, key, false);
019            }
020            
021            public static String call(PageContext pc, String key, boolean forceNew) throws PageException {
022                    if(key==null) key="";
023                    
024                    return getStorageScope(pc).generateToken(key, forceNew);
025            }
026            public static StorageScope getStorageScope(PageContext pc) throws PageException {
027                    Session session = pc.sessionScope();
028                    if(!(session instanceof StorageScope))
029                            throw new ExpressionException("this function only works with CF Sessions");
030                    return (StorageScope) session;
031            }
032    }