Source: vertx-web-js/csrf_handler.js

/*
 * Copyright 2014 Red Hat, Inc.
 *
 * Red Hat licenses this file to you under the Apache License, version 2.0
 * (the "License"); you may not use this file except in compliance with the
 * License.  You may obtain a copy of the License at:
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */

/** @module vertx-web-js/csrf_handler */
var utils = require('vertx-js/util/utils');
var Vertx = require('vertx-js/vertx');
var RoutingContext = require('vertx-web-js/routing_context');
var Promise = require('vertx-js/promise');

var io = Packages.io;
var JsonObject = io.vertx.core.json.JsonObject;
var JsonArray = io.vertx.core.json.JsonArray;
var JCSRFHandler = Java.type('io.vertx.ext.web.handler.CSRFHandler');

/**
 This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set
 with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header.

 The behavior is to check the request body header and cookie for validity.

 This Handler requires session support, thus should be added somewhere below Session and Body handlers.

 @class
*/
var CSRFHandler = function(j_val) {

  var j_cSRFHandler = j_val;
  var that = this;

  var __super_handle = this.handle;
  var __super_create = this.create;
  var __super_setCookieName = this.setCookieName;
  var __super_setCookiePath = this.setCookiePath;
  var __super_setHeaderName = this.setHeaderName;
  var __super_setNagHttps = this.setNagHttps;
  var __super_setResponseBody = this.setResponseBody;
  var __super_setTimeout = this.setTimeout;
  /**
   Something has happened, so handle it.

   @public
   @param event {RoutingContext} the event to handle 
   */
  this.handle =  function(event) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'object' && __args[0]._jdel) {
      j_cSRFHandler["handle(io.vertx.ext.web.RoutingContext)"](event._jdel);
    } else if (typeof __super_handle != 'undefined') {
      return __super_handle.apply(this, __args);
    }
    else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks
   might use other names.

   @public
   @param name {string} a new name for the cookie. 
   @return {CSRFHandler} fluent
   */
  this.setCookieName =  function(name) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setCookieName(java.lang.String)"](name) ;
      return that;
    } else if (typeof __super_setCookieName != 'undefined') {
      return __super_setCookieName.apply(this, __args);
    }
    else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the cookie path. By default / is used.

   @public
   @param path {string} a new path for the cookie. 
   @return {CSRFHandler} fluent
   */
  this.setCookiePath =  function(path) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setCookiePath(java.lang.String)"](path) ;
      return that;
    } else if (typeof __super_setCookiePath != 'undefined') {
      return __super_setCookiePath.apply(this, __args);
    }
    else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other
   frameworks might use other names.

   @public
   @param name {string} a new name for the header. 
   @return {CSRFHandler} fluent
   */
  this.setHeaderName =  function(name) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setHeaderName(java.lang.String)"](name) ;
      return that;
    } else if (typeof __super_setHeaderName != 'undefined') {
      return __super_setHeaderName.apply(this, __args);
    }
    else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Should the handler give warning messages if this handler is used in other than https protocols?

   @public
   @param nag {boolean} true to nag 
   @return {CSRFHandler} fluent
   */
  this.setNagHttps =  function(nag) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] ==='boolean') {
      j_cSRFHandler["setNagHttps(boolean)"](nag) ;
      return that;
    } else if (typeof __super_setNagHttps != 'undefined') {
      return __super_setNagHttps.apply(this, __args);
    }
    else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the body returned by the handler when the XSRF token is missing or invalid.

   @public
   @param responseBody {string} the body of the response. If null, no response body will be returned. 
   @return {CSRFHandler} fluent
   */
  this.setResponseBody =  function(responseBody) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setResponseBody(java.lang.String)"](responseBody) ;
      return that;
    } else if (typeof __super_setResponseBody != 'undefined') {
      return __super_setResponseBody.apply(this, __args);
    }
    else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

   @public
   @param timeout {number} token timeout 
   @return {CSRFHandler} fluent
   */
  this.setTimeout =  function(timeout) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] ==='number') {
      j_cSRFHandler["setTimeout(long)"](timeout) ;
      return that;
    } else if (typeof __super_setTimeout != 'undefined') {
      return __super_setTimeout.apply(this, __args);
    }
    else throw new TypeError('function invoked with invalid arguments');
  };

  // A reference to the underlying Java delegate
  // NOTE! This is an internal API and must not be used in user code.
  // If you rely on this property your code is likely to break if we change it / remove it without warning.
  this._jdel = j_cSRFHandler;
};

CSRFHandler._jclass = utils.getJavaClass("io.vertx.ext.web.handler.CSRFHandler");
CSRFHandler._jtype = {accept: function(obj) {
    return CSRFHandler._jclass.isInstance(obj._jdel);
  },wrap: function(jdel) {
    var obj = Object.create(CSRFHandler.prototype, {});
    CSRFHandler.apply(obj, arguments);
    return obj;
  },
  unwrap: function(obj) {
    return obj._jdel;
  }
};
CSRFHandler._create = function(jdel) {var obj = Object.create(CSRFHandler.prototype, {});
  CSRFHandler.apply(obj, arguments);
  return obj;
}
/**
 Instantiate a new CSRFHandlerImpl with a secret
 <p>
 <pre>
 CSRFHandler.create("s3cr37")
 </pre>

 @memberof module:vertx-web-js/csrf_handler
 @param vertx {Vertx} 
 @param secret {string} server secret to sign the token. 
 @return {CSRFHandler}
 */
CSRFHandler.create =  function(vertx, secret) {
  var __args = arguments;
  if (__args.length === 2 && typeof __args[0] === 'object' && __args[0]._jdel && typeof __args[1] === 'string') {
    return utils.convReturnVertxGen(CSRFHandler, JCSRFHandler["create(io.vertx.core.Vertx,java.lang.String)"](vertx._jdel, secret)) ;
  }else throw new TypeError('function invoked with invalid arguments');
};

CSRFHandler.ERROR_MESSAGE = JCSRFHandler.ERROR_MESSAGE;
CSRFHandler.DEFAULT_COOKIE_NAME = JCSRFHandler.DEFAULT_COOKIE_NAME;
CSRFHandler.DEFAULT_COOKIE_PATH = JCSRFHandler.DEFAULT_COOKIE_PATH;
CSRFHandler.DEFAULT_HEADER_NAME = JCSRFHandler.DEFAULT_HEADER_NAME;
CSRFHandler.DEFAULT_RESPONSE_BODY = JCSRFHandler.DEFAULT_RESPONSE_BODY;
module.exports = CSRFHandler;