Example 6 with Cookie

use of io.undertow.server.handlers.Cookie in project undertow by undertow-io.

the class SingleSignOnAuthenticationMechanism method authenticate.

@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
    Cookie cookie = exchange.getRequestCookies().get(cookieName);
    if (cookie != null) {
        final String ssoId = cookie.getValue();
        // the cookie value is the SSO session identifier; this trace line writes it to the log
        log.tracef("Found SSO cookie %s", ssoId);
        try (SingleSignOn sso = this.singleSignOnManager.findSingleSignOn(ssoId)) {
            if (sso != null) {
                if (log.isTraceEnabled()) {
                    log.tracef("SSO session with ID: %s found.", ssoId);
                }
                Account verified = getIdentityManager(securityContext).verify(sso.getAccount());
                if (verified == null) {
                    if (log.isTraceEnabled()) {
                        log.tracef("Account not found. Returning 'not attempted' here.");
                    }
                    //we return not attempted here to allow other mechanisms to proceed as normal
                    return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
                }
                final Session session = getSession(exchange);
                registerSessionIfRequired(sso, session);
                securityContext.authenticationComplete(verified, sso.getMechanismName(), false);
                securityContext.registerNotificationReceiver(new NotificationReceiver() {

                    @Override
                    public void handleNotification(SecurityNotification notification) {
                        if (notification.getEventType() == SecurityNotification.EventType.LOGGED_OUT) {
                            singleSignOnManager.removeSingleSignOn(sso);
                        }
                    }
                });
                log.tracef("Authenticated account %s using SSO", verified.getPrincipal().getName());
                return AuthenticationMechanismOutcome.AUTHENTICATED;
            }
        }
        // a cookie was sent but no SSO session matches its value: clear the stale cookie
        clearSsoCookie(exchange);
    }
    exchange.addResponseWrapper(responseListener);
    return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Also used : Cookie(io.undertow.server.handlers.Cookie) Account(io.undertow.security.idm.Account) NotificationReceiver(io.undertow.security.api.NotificationReceiver) Session(io.undertow.server.session.Session) SecurityNotification(io.undertow.security.api.SecurityNotification)

Example 7 with Cookie

use of io.undertow.server.handlers.Cookie in project undertow by undertow-io.

the class SessionCookieConfig method clearSession.

@Override
public void clearSession(final HttpServerExchange exchange, final String sessionId) {
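    // re-issue the cookie with the same path, domain and flags but Max-Age=0 so the client discards it
    Cookie cookie = new CookieImpl(cookieName, sessionId).setPath(path).setDomain(domain).setDiscard(discard).setSecure(secure).setHttpOnly(httpOnly).setMaxAge(0);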
    exchange.setResponseCookie(cookie);
    UndertowLogger.SESSION_LOGGER.tracef("Clearing session cookie session id %s on %s", sessionId, exchange);
}
Also used : Cookie(io.undertow.server.handlers.Cookie) CookieImpl(io.undertow.server.handlers.CookieImpl)

Example 8 with Cookie

use of io.undertow.server.handlers.Cookie in project undertow by undertow-io.

the class SessionCookieConfig method setSessionId.

@Override
public void setSessionId(final HttpServerExchange exchange, final String sessionId) {
    Cookie cookie = new CookieImpl(cookieName, sessionId).setPath(path).setDomain(domain).setDiscard(discard).setSecure(secure).setHttpOnly(httpOnly).setComment(comment);
    // Max-Age is only set when positive; otherwise the cookie is sent without a Max-Age attribute
    if (maxAge > 0) {
        cookie.setMaxAge(maxAge);
    }
    exchange.setResponseCookie(cookie);
    UndertowLogger.SESSION_LOGGER.tracef("Setting session cookie session id %s on %s", sessionId, exchange);
}
Also used : Cookie(io.undertow.server.handlers.Cookie) CookieImpl(io.undertow.server.handlers.CookieImpl)

Example 9 with Cookie

use of io.undertow.server.handlers.Cookie in project undertow by undertow-io.

the class Cookies method parseCookie.

private static void parseCookie(final String cookie, final Map<String, Cookie> parsedCookies, int maxCookies, boolean allowEqualInValue) {
    int state = 0;
    String name = null;
    int start = 0;
    int cookieCount = parsedCookies.size();
    final Map<String, String> cookies = new HashMap<>();
    final Map<String, String> additional = new HashMap<>();
    for (int i = 0; i < cookie.length(); ++i) {
        char c = cookie.charAt(i);
        switch(state) {
            case 0:
                {
                    //eat leading whitespace
                    if (c == ' ' || c == '\t' || c == ';') {
                        start = i + 1;
                        break;
                    }
                    state = 1;
                //fall through
                }
            case 1:
                {
                    //extract key
                    if (c == '=') {
                        name = cookie.substring(start, i);
                        start = i + 1;
                        state = 2;
                    } else if (c == ';') {
                        if (name != null) {
                            cookieCount = createCookie(name, cookie.substring(start, i), maxCookies, cookieCount, cookies, additional);
                        } else if (UndertowLogger.REQUEST_LOGGER.isTraceEnabled()) {
                            UndertowLogger.REQUEST_LOGGER.trace("Ignoring invalid cookies in header " + cookie);
                        }
                        state = 0;
                        start = i + 1;
                    }
                    break;
                }
            case 2:
                {
                    //extract value
                    if (c == ';') {
                        cookieCount = createCookie(name, cookie.substring(start, i), maxCookies, cookieCount, cookies, additional);
                        state = 0;
                        start = i + 1;
                    } else if (c == '"' && start == i) {
                        //only process the " if it is the first character
                        state = 3;
                        start = i + 1;
                    } else if (!allowEqualInValue && c == '=') {
                        cookieCount = createCookie(name, cookie.substring(start, i), maxCookies, cookieCount, cookies, additional);
                        state = 4;
                        start = i + 1;
                    }
                    break;
                }
            case 3:
                {
                    //extract quoted value
                    if (c == '"') {
                        cookieCount = createCookie(name, cookie.substring(start, i), maxCookies, cookieCount, cookies, additional);
                        state = 0;
                        start = i + 1;
                    }
                    break;
                }
            case 4:
                {
                    //skip value portion behind '='
                    if (c == ';') {
                        state = 0;
                    }
                    start = i + 1;
                    break;
                }
        }
    }
    if (state == 2) {
        createCookie(name, cookie.substring(start), maxCookies, cookieCount, cookies, additional);
    }
    // apply the attributes collected in 'additional' to every cookie parsed from this header
    for (final Map.Entry<String, String> entry : cookies.entrySet()) {
        Cookie c = new CookieImpl(entry.getKey(), entry.getValue());
        String domain = additional.get(DOMAIN);
        if (domain != null) {
            c.setDomain(domain);
        }
        String version = additional.get(VERSION);
        if (version != null) {
            c.setVersion(Integer.parseInt(version));
        }
        String path = additional.get(PATH);
        if (path != null) {
            c.setPath(path);
        }
        parsedCookies.put(c.getName(), c);
    }
}
Also used : Cookie(io.undertow.server.handlers.Cookie) CookieImpl(io.undertow.server.handlers.CookieImpl) HashMap(java.util.HashMap) TreeMap(java.util.TreeMap) Map(java.util.Map)

Example 10 with Cookie

use of io.undertow.server.handlers.Cookie in project spring-framework by spring-projects.

the class UndertowServerHttpRequest method initCookies.

@Override
protected MultiValueMap<String, HttpCookie> initCookies() {
    MultiValueMap<String, HttpCookie> cookies = new LinkedMultiValueMap<>();
    for (String name : this.exchange.getRequestCookies().keySet()) {
        Cookie cookie = this.exchange.getRequestCookies().get(name);
        HttpCookie httpCookie = new HttpCookie(name, cookie.getValue());
        cookies.add(name, httpCookie);
    }
    return cookies;
}
Also used : Cookie(io.undertow.server.handlers.Cookie) HttpCookie(org.springframework.http.HttpCookie) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap)
