Coverage Report - org.apache.myfaces.application.viewstate.RandomCsrfSessionTokenFactory
 
Classes in this File Line Coverage Branch Coverage Complexity
RandomCsrfSessionTokenFactory
0%
0/20
0%
0/4
1.5
 
 1   
 /*
 2   
  * Licensed to the Apache Software Foundation (ASF) under one
 3   
  * or more contributor license agreements.  See the NOTICE file
 4   
  * distributed with this work for additional information
 5   
  * regarding copyright ownership.  The ASF licenses this file
 6   
  * to you under the Apache License, Version 2.0 (the
 7   
  * "License"); you may not use this file except in compliance
 8   
  * with the License.  You may obtain a copy of the License at
 9   
  *
 10   
  *   http://www.apache.org/licenses/LICENSE-2.0
 11   
  *
 12   
  * Unless required by applicable law or agreed to in writing,
 13   
  * software distributed under the License is distributed on an
 14   
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 15   
  * KIND, either express or implied.  See the License for the
 16   
  * specific language governing permissions and limitations
 17   
  * under the License.
 18   
  */
 19   
 package org.apache.myfaces.application.viewstate;
 20   
 
 21   
 import java.util.Map;
 22   
 import java.util.Random;
 23   
 import javax.faces.context.ExternalContext;
 24   
 import javax.faces.context.FacesContext;
 25   
 import org.apache.commons.codec.binary.Hex;
 26   
 import org.apache.myfaces.application.StateCache;
 27   
 import org.apache.myfaces.shared.renderkit.RendererUtils;
 28   
 import org.apache.myfaces.shared.util.WebConfigParamUtils;
 29   
 
 30   
 /**
 31   
  * @since 2.2
 32   
  * @author Leonardo Uribe
 33   
  */
 34   
 class RandomCsrfSessionTokenFactory extends CsrfSessionTokenFactory
 35   
 {
 36   
     private final Random random;
 37   
     private final int length;
 38   
 
 39   
     public RandomCsrfSessionTokenFactory(FacesContext facesContext)
 40  0 
     {
 41  0 
         length = WebConfigParamUtils.getIntegerInitParameter(
 42   
             facesContext.getExternalContext(),
 43   
             StateCache.RANDOM_KEY_IN_CSRF_SESSION_TOKEN_LENGTH_PARAM,
 44   
             StateCache.RANDOM_KEY_IN_CSRF_SESSION_TOKEN_LENGTH_PARAM_DEFAULT);
 45  0 
         random = new Random(((int) System.nanoTime()) + this.hashCode());
 46  0 
     }
 47   
 
 48   
     public Integer generateCounterKey(FacesContext facesContext)
 49   
     {
 50  0 
         ExternalContext externalContext = facesContext.getExternalContext();
 51  0 
         Object sessionObj = externalContext.getSession(true);
 52   
         Integer sequence;
 53  0 
         synchronized (sessionObj) // are handled at the same time for the session
 54   
         {
 55  0 
             Map<String, Object> map = externalContext.getSessionMap();
 56  0 
             sequence = (Integer) map.get(RendererUtils.SEQUENCE_PARAM);
 57  0 
             if (sequence == null || sequence.intValue() == Integer.MAX_VALUE)
 58   
             {
 59  0 
                 sequence = Integer.valueOf(1);
 60   
             }
 61   
             else
 62   
             {
 63  0 
                 sequence = Integer.valueOf(sequence.intValue() + 1);
 64   
             }
 65  0 
             map.put(RendererUtils.SEQUENCE_PARAM, sequence);
 66  0 
         }
 67  0 
         return sequence;
 68   
     }
 69   
 
 70   
     public byte[] generateKey(FacesContext facesContext)
 71   
     {
 72  0 
         byte[] array = new byte[length];
 73  0 
         random.nextBytes(array);
 74  0 
         return array;
 75   
     }
 76   
 
 77   
     @Override
 78   
     public String createCryptographicallyStrongTokenFromSession(FacesContext context)
 79   
     {
 80  0 
         byte[] key = generateKey(context);
 81  0 
         return new String(Hex.encodeHex(key));
 82   
     }
 83   
 }
Report generated by Cobertura 2.0.3 on 7/10/20 1:12 AM.