use of io.micronaut.http.cookie.Cookie in project micronaut-security by micronaut-projects.
the class CookieStatePersistence method persistState.
/**
 * Serializes the given state and, when serialization yields a value, stores it in a
 * cookie on the outgoing response.
 *
 * <p>A {@code null} serialization result leaves the response untouched.
 *
 * @param request  the current request; only its {@code isSecure()} flag is read here
 * @param response the response that receives the state cookie
 * @param state    the state to persist
 */
@Override
public void persistState(HttpRequest<?> request, MutableHttpResponse response, State state) {
    final String encodedState = stateSerDes.serialize(state);
    if (encodedState == null) {
        // Nothing to persist: no cookie is written.
        return;
    }

    final Cookie stateCookie = Cookie.of(configuration.getCookieName(), encodedState);
    // Cookie attributes are applied from the configuration object together with the
    // request's isSecure() flag.
    // NOTE(review): presumably the Secure attribute falls back to request.isSecure() when the
    // configuration does not set it. Behind a TLS-terminating proxy that flag may be false,
    // so confirm that deployments set the secure option explicitly.
    // NOTE(review): whether the cookie value is signed or otherwise tamper-evident depends on
    // the stateSerDes implementation, which is not shown here.
    stateCookie.configure(configuration, request.isSecure());
    response.cookie(stateCookie);
}
use of io.micronaut.http.cookie.Cookie in project micronaut-security by micronaut-projects.
the class IdTokenLoginHandler method getCookies.
/**
* {@inheritDoc}
*/
@Override
public List<Cookie> getCookies(Authentication authentication, HttpRequest<?> request) {
    // The value returned by parseIdToken becomes the cookie value. If it is absent the login
    // is aborted with a SERVER_ERROR OAuth error instead of issuing an empty cookie.
    // NOTE(review): the error message says "access token" although the value comes from
    // parseIdToken.
    final String idToken = parseIdToken(authentication)
        .orElseThrow(() -> new OauthErrorResponseException(
            ObtainingAuthorizationErrorCode.SERVER_ERROR,
            "Cannot obtain an access token",
            null));

    final Cookie tokenCookie = Cookie.of(accessTokenCookieConfiguration.getCookieName(), idToken);
    // NOTE(review): HttpOnly / Secure / SameSite come from whatever configure() applies from
    // the cookie configuration, which is not visible here. Confirm they are set for a cookie
    // that carries a bearer credential.
    tokenCookie.configure(accessTokenCookieConfiguration, request.isSecure());
    // The lifetime is computed by cookieExpiration() from the authentication and the request.
    tokenCookie.maxAge(cookieExpiration(authentication, request));

    final List<Cookie> result = new ArrayList<>(1);
    result.add(tokenCookie);
    return result;
}
use of io.micronaut.http.cookie.Cookie in project micronaut-security by micronaut-projects.
the class JwtCookieLoginHandler method getCookies.
/**
* Return the cookies for the given parameters.
*
* @param accessRefreshToken The access refresh token
* @param request The current request
* @return A list of cookies
*/
protected List<Cookie> getCookies(AccessRefreshToken accessRefreshToken, HttpRequest<?> request) {
    final List<Cookie> result = new ArrayList<>(2);

    // Access-token cookie: always issued.
    final Cookie accessCookie = Cookie.of(
        accessTokenCookieConfiguration.getCookieName(),
        accessRefreshToken.getAccessToken());
    accessCookie.configure(accessTokenCookieConfiguration, request.isSecure());
    // Max-age: the configured cookie max-age, otherwise the access token's own expiration
    // (read as seconds).
    accessCookie.maxAge(accessTokenCookieConfiguration.getCookieMaxAge()
        .orElseGet(() -> Duration.ofSeconds(accessTokenConfiguration.getExpiration())));
    result.add(accessCookie);

    // Refresh-token cookie: only issued when a non-empty refresh token is present.
    final String refreshToken = accessRefreshToken.getRefreshToken();
    if (!StringUtils.isNotEmpty(refreshToken)) {
        return result;
    }

    final Cookie refreshCookie = Cookie.of(refreshTokenCookieConfiguration.getCookieName(), refreshToken);
    refreshCookie.configure(refreshTokenCookieConfiguration, request.isSecure());
    // Max-age: the configured value, otherwise a hard-coded 30 days.
    // NOTE(review): this cookie is long-lived and holds a refresh credential. Its HttpOnly /
    // Secure / SameSite attributes depend on what configure() applies from the configuration,
    // which is not visible here. Confirm they are set.
    final TemporalAmount refreshLifetime =
        refreshTokenCookieConfiguration.getCookieMaxAge().orElseGet(() -> Duration.ofDays(30));
    refreshCookie.maxAge(refreshLifetime);
    result.add(refreshCookie);

    return result;
}
use of io.micronaut.http.cookie.Cookie in project micronaut-multitenancy by micronaut-projects.
the class CookieTenantWriter method writeTenant.
/**
* Writes the Tenant Id in a cookie of the request.
* @param request The {@link MutableHttpRequest} instance
* @param tenant Tenant Id
*/
@Override
public void writeTenant(MutableHttpRequest<?> request, Serializable tenant) {
    // Only String tenant identifiers are written. Any other type leaves the request
    // untouched and reports nothing to the caller.
    if (!(tenant instanceof String)) {
        return;
    }

    Cookie tenantCookie = Cookie.of(cookieTenantWriterConfiguration.getCookiename(), (String) tenant);
    tenantCookie.configure(cookieTenantWriterConfiguration, request.isSecure());

    // With no configured max-age the cookie gets Integer.MAX_VALUE as its max-age.
    if (!cookieTenantWriterConfiguration.getCookieMaxAge().isPresent()) {
        tenantCookie.maxAge(Integer.MAX_VALUE);
    } else {
        tenantCookie.maxAge(cookieTenantWriterConfiguration.getCookieMaxAge().get());
    }

    // NOTE(review): the tenant id travels as a plain cookie value. Whether the receiving side
    // may trust it for tenant isolation depends on the deployment. Confirm against the resolver.
    request.cookie(tenantCookie);
}
use of io.micronaut.http.cookie.Cookie in project micronaut-graphql by micronaut-projects.
the class LoginDataFetcher method get.
/**
 * Resolves the login field: checks the remaining-attempts counter, authenticates the supplied
 * username and password, and on success attaches an access-token cookie to the HTTP response
 * held in the GraphQL context.
 *
 * <p>The call blocks until the authenticator emits its first response.
 *
 * @param environment the data-fetching environment carrying the GraphQL context and the
 *                    {@code username} / {@code password} arguments
 * @return a payload wrapping the user on success, or an error message on failure or when the
 *         attempt counter is exhausted
 * @throws Exception declared by the overridden method
 */
@Override
public LoginPayload get(DataFetchingEnvironment environment) throws Exception {
    GraphQLContext context = environment.getContext();

    // NOTE(review): LOGIN_RATE_LIMIT_REMAINING is checked here and decremented further down
    // with no synchronization visible in this method. If it is shared across requests (the
    // name suggests a static field), concurrent logins can race on it. Confirm, and consider
    // an atomic counter.
    // NOTE(review): it also appears to be one counter for all callers rather than per client
    // or account. Confirm that is the intended throttling scope.
    if (LOGIN_RATE_LIMIT_REMAINING <= 0) {
        addRateLimitHeaders(context);
        // NOTE(review): resetRateLimit() runs in the same branch that rejects the request and
        // its body is not shown. Confirm it does not restore the budget immediately.
        resetRateLimit();
        return LoginPayload.ofError("Rate Limit Exceeded");
    }

    HttpRequest currentRequest = context.get("httpRequest");
    MutableHttpResponse<String> currentResponse = context.get("httpResponse");

    String username = environment.getArgument("username");
    String password = environment.getArgument("password");
    UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, password);

    // The attempt is counted before the authenticator is invoked, so failed and successful
    // logins both consume budget.
    LOGIN_RATE_LIMIT_REMAINING--;

    Flux<AuthenticationResponse> attempts = Flux.from(authenticator.authenticate(currentRequest, credentials));
    return attempts.map(outcome -> {
        addRateLimitHeaders(context);

        if (!outcome.isAuthenticated()) {
            eventPublisher.publishEvent(new LoginFailedEvent(outcome));
            // NOTE(review): the authenticator's failure message is returned to the client
            // as-is. Confirm it does not distinguish an unknown user from a wrong password.
            return LoginPayload.ofError(outcome.getMessage().orElse(null));
        }

        eventPublisher.publishEvent(new LoginSuccessfulEvent(outcome));
        // NOTE(review): the cookie's Authentication is built from the submitted username
        // alone, not from the authenticator's response. Roles or attributes the authenticator
        // resolved would not be carried into the token. Confirm this is intended.
        Optional<Cookie> accessCookie = accessTokenCookie(Authentication.build(username), currentRequest);
        accessCookie.ifPresent(currentResponse::cookie);
        // The repository lookup may come back empty, in which case null is passed to ofUser.
        User account = userRepository.findByUsername(username).orElse(null);
        return LoginPayload.ofUser(account);
    }).blockFirst();
}