Class BackOfficeAntiforgery
Anti-forgery implementation for the Umbraco back office
Inheritance
System.Object
Namespace: Umbraco.Cms.Web.BackOffice.Security
Assembly: Umbraco.Web.BackOffice.dll
Syntax
public class BackOfficeAntiforgery : IBackOfficeAntiforgery
Remarks
This is a wrapper around the global/default Microsoft.AspNetCore.Antiforgery.IAntiforgery .net service. Because this service is a single/global object and all of it is internal we don't have the flexibility to create our own segregated service so we have to work around that limitation by wrapping the default and doing a few tricks to have this segregated for the Back office only.
Constructors
View SourceBackOfficeAntiforgery(IOptionsMonitor<GlobalSettings>)
Declaration
public BackOfficeAntiforgery(IOptionsMonitor<GlobalSettings> globalSettings)
Parameters
Type | Name | Description |
---|---|---|
Microsoft.Extensions.Options.IOptionsMonitor<GlobalSettings> | globalSettings |
BackOfficeAntiforgery(IOptionsMonitor<GlobalSettings>, ILoggerFactory)
Declaration
public BackOfficeAntiforgery(IOptionsMonitor<GlobalSettings> globalSettings, ILoggerFactory loggerFactory)
Parameters
Type | Name | Description |
---|---|---|
Microsoft.Extensions.Options.IOptionsMonitor<GlobalSettings> | globalSettings | |
Microsoft.Extensions.Logging.ILoggerFactory | loggerFactory |
Methods
View SourceGetAndStoreTokens(HttpContext)
Generates tokens to use for the cookie and header antiforgery values
Declaration
public void GetAndStoreTokens(HttpContext httpContext)
Parameters
Type | Name | Description |
---|---|---|
Microsoft.AspNetCore.Http.HttpContext | httpContext |
ValidateRequestAsync(HttpContext)
Validates the headers/cookies passed in for the request
Declaration
public async Task<Attempt<string>> ValidateRequestAsync(HttpContext httpContext)
Parameters
Type | Name | Description |
---|---|---|
Microsoft.AspNetCore.Http.HttpContext | httpContext |
Returns
Type | Description |
---|---|
Task<Attempt<System.String>> |