/**
  * Creates a new instance.
  *
  * @param nonceCache a cache to place used CSRF tokens. This is required to ensure the consumed
  *     token is never used again, which is mandatory for CSRF protection. This cache <em>MUST</em>
  *     have a TTL value equal to or greater than {@code ttlMillis}. Cache key: a unique token ID,
  *     Cache value: the used token
  * @param signingKey a base64-encoded (and hopefully secure-random) cryptographic signing key used
  *     to digitally sign the CSRF token to ensure it cannot be tampered with by HTTP clients.
  * @param ttlMillis the length of time in milliseconds for which a generated CSRF token is valid.
  *     When a token is created, it cannot be used after this duration, even if it has not been
  *     consumed yet.
  */
 public CacheCsrfTokenRepository(Cache nonceCache, String signingKey, long ttlMillis) {
   Assert.notNull(nonceCache, "nonce cache cannot be null.");
   this.nonceCache = nonceCache;
   Assert.hasText(signingKey, "signingKey cannot be null or empty.");
   this.signingKey = signingKey;
   Assert.isTrue(ttlMillis > 0, "ttlMillis must be greater than zero.");
   this.ttlMillis = ttlMillis;
 }
 /* @since 1.0.RC5 */
 private Error constructError(Map jsonMap) {
   Assert.isTrue(isError(jsonMap));
   Map<String, Object> errorMap = getRequiredValue(jsonMap, ERROR);
   Error error =
       new DefaultErrorBuilder((Integer) getRequiredValue(errorMap, STATUS))
           .code((Integer) getRequiredValue(errorMap, "code"))
           .developerMessage((String) getRequiredValue(errorMap, "developerMessage"))
           .message((String) getRequiredValue(errorMap, "message"))
           .moreInfo((String) getRequiredValue(errorMap, "moreInfo"))
           .build();
   return error;
 }
  private String getJwtResponse(Object httpRequestObject) {
    String jwtResponse;

    if (HttpRequest.class.isAssignableFrom(httpRequestObject.getClass())) {

      HttpRequest httpRequest = (HttpRequest) httpRequestObject;

      Assert.isTrue(
          httpRequest.getMethod() == HttpMethod.GET, "Only Http GET method is supported.");

      jwtResponse = httpRequest.getParameter(JWT_RESPONSE);

    } else {
      // This must never happen, if the object request is of HttpServletRequest type the
      // HTTP_SERVLET_REQUEST_WRAPPER_CLASS
      // must be already loaded and therefore cannot be null.
      if (HTTP_SERVLET_REQUEST_WRAPPER_CLASS == null) {
        throw new RuntimeException(
            "DefaultHttpServletRequestWrapper not loaded error occurred while handling httpRequest of type: "
                + httpRequestObject.getClass().getName());
      }

      Constructor<? extends HttpServletRequestWrapper> ctor =
          Classes.getConstructor(HTTP_SERVLET_REQUEST_WRAPPER_CLASS, Object.class);

      HttpServletRequestWrapper httpServletRequestWrapper =
          Classes.instantiate(ctor, httpRequestObject);
      HttpMethod method = HttpMethod.fromName(httpServletRequestWrapper.getMethod());
      Assert.isTrue(HttpMethod.GET == method, "Only Http GET method is supported.");

      jwtResponse = httpServletRequestWrapper.getParameter(JWT_RESPONSE);
    }

    if (!Strings.hasText(jwtResponse)) {
      throw new InvalidJwtException(InvalidJwtException.JWT_REQUIRED_ERROR);
    }
    return jwtResponse;
  }