TokenHolder (OWASP CSRFGuard 4.5.0 API)

All Known Implementing Classes:

InMemoryTokenHolder
```
public interface TokenHolder
```
Interface used for storing and manipulating tokens across the solution. Methods of this class should only be used through the TokenService and its relevant subclass(es)

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`String`	`createMasterTokenIfAbsent(String sessionKey, Supplier<String> valueSupplier)` Creates and returns a new master token bound to the provided session key if there wasn't any or returns the existing value.
`String`	`createPageTokenIfAbsent(String sessionKey, String resourceUri, Supplier<String> valueSupplier)` Creates and returns a new page token bound to the provided resource URI and mapped to the session key if there wasn't any or returns the existing value.
`String`	`getPageToken(String sessionKey, String resourceUri)` Returns the page token based on the desired HTTP resource URI and logical session key
`Map<String,String>`	`getPageTokens(String sessionKey)` Returns all page tokens associated to the provided logical session key
`Token`	`getToken(String sessionKey)` Returns the master and page tokens associated to a logical session key
`void`	`regenerateUsedPageToken(String sessionKey, String tokenFromRequest, Supplier<String> tokenValueSupplier)` Re-generates the value of a used page token
`void`	`remove(String sessionKey)` Removes all tokens related to a specific logical session key
`void`	`rotateAllPageTokens(String sessionKey, Supplier<String> tokenValueSupplier)` Re-generates all existing tokens associated to the provided logical session key
`void`	`setMasterToken(String sessionKey, String value)` Sets or overwrites the master token bound to a specific session key.
`void`	`setPageToken(String sessionKey, String resourceUri, String value)` Sets the value of a page token based on the desired HTTP resource URI and logical session key
`void`	`setPageTokens(String sessionKey, Map<String,String> pageTokens)` Sets/overwrites the page tokens with the provided values

- Method Detail
  - setMasterToken
```
void setMasterToken(String sessionKey,
                    String value)
```
    Sets or overwrites the master token bound to a specific session key. It does not overwrite the session key associated page tokens.
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    value - the value to be used as master token
  - createMasterTokenIfAbsent
```
String createMasterTokenIfAbsent(String sessionKey,
                                 Supplier<String> valueSupplier)
```
    Creates and returns a new master token bound to the provided session key if there wasn't any or returns the existing value.
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    valueSupplier - produces a new master token value lazily/on demand
    
    Returns:
    
    the created master token
  - createPageTokenIfAbsent
```
String createPageTokenIfAbsent(String sessionKey,
                               String resourceUri,
                               Supplier<String> valueSupplier)
```
    Creates and returns a new page token bound to the provided resource URI and mapped to the session key if there wasn't any or returns the existing value. If there are no tokens associated to the session key it also creates a new master token.
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    resourceUri - the URI of the desired HTTP resource
    
    valueSupplier - produces a new page token value lazily/on demand
    
    Returns:
    
    the existing or newly created page token
  - getToken
```
Token getToken(String sessionKey)
```
    Returns the master and page tokens associated to a logical session key
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    Returns:
    
    a token object containing the master and page tokens
  - getPageToken
```
String getPageToken(String sessionKey,
                    String resourceUri)
```
    Returns the page token based on the desired HTTP resource URI and logical session key
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    resourceUri - the URI of the desired HTTP resource
    
    Returns:
    
    a page token bound to a resource URI and associated to a logical session key or NULL if there is no token with identified by the session key
  - setPageToken
```
void setPageToken(String sessionKey,
                  String resourceUri,
                  String value)
```
    Sets the value of a page token based on the desired HTTP resource URI and logical session key
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    resourceUri - the URI of the desired HTTP resource
    
    value - the value to be used as token for the page
  - setPageTokens
```
void setPageTokens(String sessionKey,
                   Map<String,String> pageTokens)
```
    Sets/overwrites the page tokens with the provided values
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    pageTokens - page tokens mapped to their resource URIs
  - getPageTokens
```
Map<String,String> getPageTokens(String sessionKey)
```
    Returns all page tokens associated to the provided logical session key
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    Returns:
    
    page tokens mapped to their resource URIs
  - remove
```
void remove(String sessionKey)
```
    Removes all tokens related to a specific logical session key
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
  - rotateAllPageTokens
```
void rotateAllPageTokens(String sessionKey,
                         Supplier<String> tokenValueSupplier)
```
    Re-generates all existing tokens associated to the provided logical session key
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    tokenValueSupplier - produces a new page token value lazily/on demand
  - regenerateUsedPageToken
```
void regenerateUsedPageToken(String sessionKey,
                             String tokenFromRequest,
                             Supplier<String> tokenValueSupplier)
```
    Re-generates the value of a used page token
    
    Parameters:
    
    sessionKey - identifies the current logical session uniquely
    
    tokenFromRequest - the token extracted from the request
    
    tokenValueSupplier - produces a new page token value lazily/on demand

Interface TokenHolder

Method Summary

Method Detail

setMasterToken

createMasterTokenIfAbsent

createPageTokenIfAbsent

getToken

getPageToken

setPageToken

setPageTokens

getPageTokens

remove

rotateAllPageTokens

regenerateUsedPageToken