001 package railo.runtime.functions.csrf; 002 003 import railo.runtime.PageContext; 004 import railo.runtime.exp.ExpressionException; 005 import railo.runtime.exp.PageException; 006 import railo.runtime.ext.function.Function; 007 import railo.runtime.type.scope.Session; 008 import railo.runtime.type.scope.storage.StorageScope; 009 010 public class CSRFGenerateToken implements Function { 011 012 private static final long serialVersionUID = -2411153524245619987L; 013 014 public static String call(PageContext pc) throws PageException { 015 return call(pc, null, false); 016 } 017 public static String call(PageContext pc, String key) throws PageException { 018 return call(pc, key, false); 019 } 020 021 public static String call(PageContext pc, String key, boolean forceNew) throws PageException { 022 if(key==null) key=""; 023 024 return getStorageScope(pc).generateToken(key, forceNew); 025 } 026 public static StorageScope getStorageScope(PageContext pc) throws PageException { 027 Session session = pc.sessionScope(); 028 if(!(session instanceof StorageScope)) 029 throw new ExpressionException("this function only works with CF Sessions"); 030 return (StorageScope) session; 031 } 032 }