Source: vertx-web-js/csrf_handler.js

/*
 * Copyright 2014 Red Hat, Inc.
 *
 * Red Hat licenses this file to you under the Apache License, version 2.0
 * (the "License"); you may not use this file except in compliance with the
 * License.  You may obtain a copy of the License at:
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */

/** @module vertx-web-js/csrf_handler */
var utils = require('vertx-js/util/utils');
var RoutingContext = require('vertx-web-js/routing_context');

var io = Packages.io;
var JsonObject = io.vertx.core.json.JsonObject;
var JCSRFHandler = Java.type('io.vertx.ext.web.handler.CSRFHandler');

/**
 This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set
 with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header.

 The behavior is to check the request body header and cookie for validity.

 This Handler requires session support, thus should be added somewhere below Session and Body handlers.

 @class
*/
var CSRFHandler = function(j_val) {

  var j_cSRFHandler = j_val;
  var that = this;

  /**

   @public
   @param arg0 {RoutingContext} 
   */
  this.handle = function(arg0) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'object' && __args[0]._jdel) {
      j_cSRFHandler["handle(io.vertx.ext.web.RoutingContext)"](arg0._jdel);
    } else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks
   might use other names.

   @public
   @param name {string} a new name for the cookie. 
   @return {CSRFHandler} fluent
   */
  this.setCookieName = function(name) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setCookieName(java.lang.String)"](name);
      return that;
    } else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the cookie path. By default / is used.

   @public
   @param path {string} a new path for the cookie. 
   @return {CSRFHandler} fluent
   */
  this.setCookiePath = function(path) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setCookiePath(java.lang.String)"](path);
      return that;
    } else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other
   frameworks might use other names.

   @public
   @param name {string} a new name for the header. 
   @return {CSRFHandler} fluent
   */
  this.setHeaderName = function(name) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setHeaderName(java.lang.String)"](name);
      return that;
    } else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Should the handler give warning messages if this handler is used in other than https protocols?

   @public
   @param nag {boolean} true to nag 
   @return {CSRFHandler} fluent
   */
  this.setNagHttps = function(nag) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] ==='boolean') {
      j_cSRFHandler["setNagHttps(boolean)"](nag);
      return that;
    } else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the body returned by the handler when the XSRF token is missing or invalid.

   @public
   @param responseBody {string} the body of the response. If null, no response body will be returned. 
   @return {CSRFHandler} fluent
   */
  this.setResponseBody = function(responseBody) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] === 'string') {
      j_cSRFHandler["setResponseBody(java.lang.String)"](responseBody);
      return that;
    } else throw new TypeError('function invoked with invalid arguments');
  };

  /**
   Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

   @public
   @param timeout {number} token timeout 
   @return {CSRFHandler} fluent
   */
  this.setTimeout = function(timeout) {
    var __args = arguments;
    if (__args.length === 1 && typeof __args[0] ==='number') {
      j_cSRFHandler["setTimeout(long)"](timeout);
      return that;
    } else throw new TypeError('function invoked with invalid arguments');
  };

  // A reference to the underlying Java delegate
  // NOTE! This is an internal API and must not be used in user code.
  // If you rely on this property your code is likely to break if we change it / remove it without warning.
  this._jdel = j_cSRFHandler;
};

CSRFHandler._jclass = utils.getJavaClass("io.vertx.ext.web.handler.CSRFHandler");
CSRFHandler._jtype = {
  accept: function(obj) {
    return CSRFHandler._jclass.isInstance(obj._jdel);
  },
  wrap: function(jdel) {
    var obj = Object.create(CSRFHandler.prototype, {});
    CSRFHandler.apply(obj, arguments);
    return obj;
  },
  unwrap: function(obj) {
    return obj._jdel;
  }
};
CSRFHandler._create = function(jdel) {
  var obj = Object.create(CSRFHandler.prototype, {});
  CSRFHandler.apply(obj, arguments);
  return obj;
}
/**
 Instantiate a new CSRFHandlerImpl with a secret
 <p>
 <pre>
 CSRFHandler.create("s3cr37")
 </pre>

 @memberof module:vertx-web-js/csrf_handler
 @param secret {string} server secret to sign the token. 
 @return {CSRFHandler}
 */
CSRFHandler.create = function(secret) {
  var __args = arguments;
  if (__args.length === 1 && typeof __args[0] === 'string') {
    return utils.convReturnVertxGen(CSRFHandler, JCSRFHandler["create(java.lang.String)"](secret));
  } else throw new TypeError('function invoked with invalid arguments');
};

module.exports = CSRFHandler;