/// <summary>
        /// Decides whether an incoming call to <paramref name="methodInfo"/> must pass
        /// anti-forgery (CSRF) token validation.
        /// </summary>
        /// <remarks>
        /// The checks run in a fixed order and the first match wins:
        /// 1. validation globally disabled in the configuration: no validation;
        /// 2. <see cref="ValidateAbpAntiForgeryTokenAttribute"/> on the method itself: validate;
        /// 3. <see cref="DisableAbpAntiForgeryTokenValidationAttribute"/> found by ReflectionHelper: no validation;
        /// 4. HTTP verb listed in IgnoredHttpVerbs: no validation;
        /// 5. <see cref="ValidateAbpAntiForgeryTokenAttribute"/> on the declaring type: validate;
        /// 6. otherwise <paramref name="defaultValue"/>.
        /// Security-relevant consequence of this order: a type-level validate attribute does not
        /// force validation for an ignored verb or for a member that carries the disable attribute;
        /// only a method-level validate attribute overrides both.
        /// </remarks>
        /// <param name="manager">Extension receiver; not read by this method.</param>
        /// <param name="antiForgeryWebConfiguration">Supplies IsEnabled and IgnoredHttpVerbs.</param>
        /// <param name="methodInfo">The action method being invoked.</param>
        /// <param name="httpVerb">HTTP verb of the current request.</param>
        /// <param name="defaultValue">Result when no attribute or configuration rule applies.</param>
        /// <returns><c>true</c> when the request must carry a valid anti-forgery token.</returns>
        public static bool ShouldValidate(
            this IBlocksAntiForgeryManager manager,
            IBlocksAntiForgeryWebConfiguration antiForgeryWebConfiguration,
            MethodInfo methodInfo,
            HttpVerb httpVerb,
            bool defaultValue)
        {
            // Global kill switch: nothing below is evaluated when the feature is off.
            if (!antiForgeryWebConfiguration.IsEnabled)
            {
                return false;
            }

            // An explicit opt-in on the method beats every opt-out that follows.
            if (methodInfo.IsDefined(typeof(ValidateAbpAntiForgeryTokenAttribute), true))
            {
                return true;
            }

            // Opt-outs: the disable attribute first, then the verb allow-list.
            // NOTE(review): judging by its name the helper also inspects the declaring type - confirm.
            var disableAttribute = ReflectionHelper
                .GetSingleAttributeOfMemberOrDeclaringTypeOrDefault<DisableAbpAntiForgeryTokenValidationAttribute>(methodInfo);
            if (disableAttribute != null || antiForgeryWebConfiguration.IgnoredHttpVerbs.Contains(httpVerb))
            {
                return false;
            }

            // Type-level opt-in is only reached when no opt-out matched.
            var declaringType = methodInfo.DeclaringType;
            if (declaringType != null && declaringType.IsDefined(typeof(ValidateAbpAntiForgeryTokenAttribute), true))
            {
                return true;
            }

            return defaultValue;
        }
Beispiel #2
        /// <summary>
        /// Issues a freshly generated anti-forgery token to the client as a response cookie.
        /// </summary>
        /// <param name="manager">Provides the cookie name (Configuration.TokenCookieName) and GenerateToken().</param>
        /// <param name="context">Current HTTP context; its User may be replaced and its response receives the cookie.</param>
        /// <param name="identity">
        /// Optional identity. When supplied, context.User is overwritten with a
        /// <see cref="ClaimsPrincipal"/> wrapping it before the token is generated.
        /// </param>
        /// <remarks>
        /// The cookie is built from name and value only; this method sets no Secure, HttpOnly,
        /// SameSite, Path or Expires property, so those come from the HttpCookie defaults.
        /// NOTE(review): if the client script has to read this cookie to echo the token back,
        /// HttpOnly cannot be turned on; whether Secure/SameSite are enforced elsewhere
        /// (for example site-wide cookie configuration) is not visible here - confirm.
        /// </remarks>
        public static void SetCookie(this IBlocksAntiForgeryManager manager, HttpContextBase context, IIdentity identity = null)
        {
            // Swap the principal first, ahead of GenerateToken().
            // NOTE(review): presumably so the token is bound to the new identity - confirm against GenerateToken.
            if (identity != null)
            {
                context.User = new ClaimsPrincipal(identity);
            }

            var responseCookies = context.Response.Cookies;
            var tokenCookie = new HttpCookie(manager.Configuration.TokenCookieName, manager.GenerateToken());
            responseCookies.Add(tokenCookie);
        }
 /// <summary>
 /// Creates the MVC anti-forgery filter and keeps the injected collaborators for later use.
 /// </summary>
 /// <param name="abpAntiForgeryManager">Anti-forgery manager stored in _blocksAntiForgeryManager.</param>
 /// <param name="mvcConfiguration">MVC configuration stored in _mvcConfiguration.</param>
 /// <param name="antiForgeryWebConfiguration">Anti-forgery web configuration stored in _antiForgeryWebConfiguration.</param>
 public BlocksAntiForgeryMvcFilter(
     IBlocksAntiForgeryManager abpAntiForgeryManager,
     IAbpMvcConfiguration mvcConfiguration,
     IBlocksAntiForgeryWebConfiguration antiForgeryWebConfiguration)
 {
     // Logger starts as the NullLogger placeholder.
     // NOTE(review): presumably replaced through property injection - confirm; until then
     // nothing this filter logs (including rejected requests, if it logs them) is recorded.
     Logger = NullLogger.Instance;

     _antiForgeryWebConfiguration = antiForgeryWebConfiguration;
     _mvcConfiguration = mvcConfiguration;
     _blocksAntiForgeryManager = abpAntiForgeryManager;
 }
Beispiel #4
        /// <summary>
        /// Checks the anti-forgery token of the current request by comparing the token stored in
        /// the cookie with the one submitted in the form or header.
        /// </summary>
        /// <param name="manager">Provides Configuration.GetFormOrHeaderValue and the validator implementation.</param>
        /// <param name="context">Current HTTP context the cookie and the form/header value are read from.</param>
        /// <returns>
        /// <c>true</c> when there is no token cookie at all, or when the validator accepts the
        /// cookie/request pair; <c>false</c> when a cookie exists but no form/header token was sent,
        /// or when the validator rejects the pair.
        /// </returns>
        /// <remarks>
        /// NOTE(review): a missing or empty cookie is treated as valid (fail-open). A request that
        /// arrives without the token cookie therefore skips the check entirely; callers that need
        /// fail-closed behaviour have to ensure the cookie is present before relying on this result.
        /// How the two values are compared (for example in constant time) is decided by the
        /// IBlocksAntiForgeryValidator implementation and is not visible here.
        /// </remarks>
        public static bool IsValid(this IBlocksAntiForgeryManager manager, HttpContextBase context)
        {
            var tokenFromCookie = GetCookieValue(context);
            if (tokenFromCookie.IsNullOrEmpty())
            {
                // No cookie: nothing to compare against, reported as valid.
                return true;
            }

            var tokenFromRequest = manager.Configuration.GetFormOrHeaderValue(context);
            if (tokenFromRequest.IsNullOrEmpty())
            {
                // Cookie present but the request did not echo a token: reject.
                return false;
            }

            // The manager is expected to implement the validator interface as well.
            var validator = manager.As<IBlocksAntiForgeryValidator>();
            return validator.IsValid(tokenFromCookie, tokenFromRequest);
        }