
Example 1 with CookieGenerationContext

Use of org.apereo.cas.web.cookie.CookieGenerationContext in the project cas by apereo.

Taken from the method addCookieHeaderToResponse of the class CookieRetrievingCookieGenerator.

/**
 * Writes the given cookie to the response as a hand-assembled {@code Set-Cookie} header.
 * <p>
 * The header is built attribute by attribute: {@code name=value}, then {@code Max-Age}
 * (only when the cookie's max age is not {@code -1}), {@code Domain} (only when
 * non-blank), {@code Path} (after {@link #cleanCookiePath}), the SameSite attribute
 * resolved from the cookie generation context, then {@code Secure} and {@code HttpOnly}.
 * The trailing {@code ;} is stripped before the header is written.
 * <p>
 * {@code Secure} is appended not only when the cookie itself is marked secure but also
 * whenever the resolved same-site value is {@code None}, so the header stays acceptable
 * to browsers that reject {@code SameSite=None} without {@code Secure}.
 * <p>
 * Any {@code Set-Cookie} headers already present on the response are read first; the
 * {@code Set-Cookie} header is then replaced by this cookie and every previous header
 * that does not start with {@code <name>=} is re-added, so an earlier header for the
 * same cookie name is dropped rather than duplicated. NOTE(review): whether
 * {@code getHeaders} returns a snapshot or a live view is container-specific; a live
 * view would already be emptied by {@code setHeader} when the re-add loop runs — confirm
 * against the servlet container in use.
 * <p>
 * Name, value, domain and path are inserted verbatim; nothing here escapes them, so
 * the caller must supply values free of {@code ;} and CR/LF. NOTE(review): confirm the
 * cookie value manager guarantees this for the value.
 *
 * @param cookie   the cookie to write
 * @param request  the current request, consulted when resolving the same-site policy
 * @param response the response that receives the header
 * @return the same cookie instance that was passed in
 */
protected Cookie addCookieHeaderToResponse(final Cookie cookie, final HttpServletRequest request, final HttpServletResponse response) {
    final StringBuilder header = new StringBuilder();
    header.append(cookie.getName()).append('=').append(cookie.getValue()).append(';');

    final int maxAge = cookie.getMaxAge();
    if (maxAge > -1) {
        header.append(" Max-Age=").append(maxAge).append(';');
    }

    final String domain = cookie.getDomain();
    if (StringUtils.isNotBlank(domain)) {
        header.append(" Domain=").append(domain).append(';');
    }

    header.append(" Path=").append(cleanCookiePath(cookie.getPath())).append(';');

    val sameSite = CookieSameSitePolicy.of(cookieGenerationContext).build(request, response);
    if (sameSite.isPresent()) {
        header.append(' ').append(sameSite.get());
    }

    // Evaluated unconditionally, as the configured policy is read before the Secure decision.
    final String configuredSameSite = cookieGenerationContext.getSameSitePolicy().toLowerCase();
    final boolean sameSiteNone = sameSite.isPresent() && StringUtils.equalsIgnoreCase(sameSite.get(), "none");
    if (cookie.getSecure() || sameSiteNone) {
        // SameSite=None is only honoured by browsers when the cookie is also Secure.
        header.append(" Secure;");
        LOGGER.trace("Marked cookie [{}] as secure as indicated by cookie configuration or the configured same-site policy set to [{}]", cookie.getName(), configuredSameSite);
    }

    if (cookie.isHttpOnly()) {
        header.append(" HttpOnly;");
    }

    final String headerValue = StringUtils.removeEndIgnoreCase(header.toString(), ";");
    LOGGER.trace("Adding cookie header as [{}]", headerValue);

    // Replace any earlier header for this cookie name, keep the rest in their original order.
    val previousHeaders = response.getHeaders("Set-Cookie");
    response.setHeader("Set-Cookie", headerValue);
    final String ownPrefix = cookie.getName() + '=';
    for (final String previous : previousHeaders) {
        if (!previous.startsWith(ownPrefix)) {
            response.addHeader("Set-Cookie", previous);
        }
    }
    return cookie;
}
