| /** |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package org.apache.pulsar.manager.controller; |
| |
| import io.swagger.annotations.Api; |
| import org.springframework.http.HttpHeaders; |
| import org.springframework.http.HttpStatus; |
| import org.springframework.http.ResponseEntity; |
| import org.springframework.security.web.csrf.CsrfToken; |
| import org.springframework.web.bind.annotation.RequestMapping; |
| import org.springframework.web.bind.annotation.RequestMethod; |
| import org.springframework.web.bind.annotation.RestController; |
| import javax.servlet.http.HttpServletRequest; |
| |
| @RestController |
| @RequestMapping(value = "/pulsar-manager") |
| @Api(description = "Generate csrf token for per page.") |
| public class CsrfTokenController { |
| |
| @RequestMapping(value="/csrf-token", method= RequestMethod.GET) |
| public ResponseEntity<String> getCsrfToken(HttpServletRequest request) { |
| CsrfToken token = (CsrfToken)request.getAttribute(CsrfToken.class.getName()); |
| HttpHeaders headers = new HttpHeaders(); |
| headers.add("X-Csrf-Token", token.getToken()); |
| return new ResponseEntity<> (token.getToken(), headers, HttpStatus.OK); |
| } |
| |
| } |