Search in sources :

Example 1 with ResponseCookie

use of org.springframework.http.ResponseCookie in project spring-framework by spring-projects.

the class ServletServerHttpResponse method applyCookies.

@Override
protected void applyCookies() {
    for (String name : getCookies().keySet()) {
        for (ResponseCookie httpCookie : getCookies().get(name)) {
            Cookie cookie = new Cookie(name, httpCookie.getValue());
            if (!httpCookie.getMaxAge().isNegative()) {
                cookie.setMaxAge((int) httpCookie.getMaxAge().getSeconds());
            }
            httpCookie.getDomain().ifPresent(cookie::setDomain);
            httpCookie.getPath().ifPresent(cookie::setPath);
            cookie.setSecure(httpCookie.isSecure());
            cookie.setHttpOnly(httpCookie.isHttpOnly());
            this.response.addCookie(cookie);
        }
    }
}
Also used : Cookie(javax.servlet.http.Cookie) ResponseCookie(org.springframework.http.ResponseCookie) ResponseCookie(org.springframework.http.ResponseCookie)

Example 2 with ResponseCookie

use of org.springframework.http.ResponseCookie in project spring-framework by spring-projects.

the class ReactorClientHttpResponse method getCookies.

@Override
public MultiValueMap<String, ResponseCookie> getCookies() {
    MultiValueMap<String, ResponseCookie> result = new LinkedMultiValueMap<>();
    this.response.cookies().values().stream().flatMap(Collection::stream).forEach(cookie -> {
        ResponseCookie responseCookie = ResponseCookie.from(cookie.name(), cookie.value()).domain(cookie.domain()).path(cookie.path()).maxAge(cookie.maxAge()).secure(cookie.isSecure()).httpOnly(cookie.isHttpOnly()).build();
        result.add(cookie.name(), responseCookie);
    });
    return CollectionUtils.unmodifiableMultiValueMap(result);
}
Also used : LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) ResponseCookie(org.springframework.http.ResponseCookie)

Example 3 with ResponseCookie

use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.

the class CookieServerCsrfTokenRepository method saveToken.

@Override
public Mono<Void> saveToken(ServerWebExchange exchange, CsrfToken token) {
    return Mono.fromRunnable(() -> {
        String tokenValue = (token != null) ? token.getToken() : "";
        // @formatter:off
        ResponseCookie cookie = ResponseCookie.from(this.cookieName, tokenValue).domain(this.cookieDomain).httpOnly(this.cookieHttpOnly).maxAge(!tokenValue.isEmpty() ? -1 : 0).path((this.cookiePath != null) ? this.cookiePath : getRequestContext(exchange.getRequest())).secure((this.secure != null) ? this.secure : (exchange.getRequest().getSslInfo() != null)).build();
        // @formatter:on
        exchange.getResponse().addCookie(cookie);
    });
}
Also used : ResponseCookie(org.springframework.http.ResponseCookie)

Example 4 with ResponseCookie

use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.

the class CookieServerCsrfTokenRepositoryTests method saveTokenWhenSslInfoPresentThenSecure.

@Test
public void saveTokenWhenSslInfoPresentThenSecure() {
    this.request.sslInfo(new MockSslInfo());
    MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
    this.csrfTokenRepository.saveToken(exchange, createToken()).block();
    ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName);
    assertThat(cookie).isNotNull();
    assertThat(cookie.isSecure()).isTrue();
}
Also used : MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange) ResponseCookie(org.springframework.http.ResponseCookie) Test(org.junit.jupiter.api.Test)

Example 5 with ResponseCookie

use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.

the class CookieServerRequestCacheTests method removeMatchingRequestThenRedirectUriCookieExpired.

@Test
public void removeMatchingRequestThenRedirectUriCookieExpired() {
    MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/secured/").accept(MediaType.TEXT_HTML).cookie(new HttpCookie("REDIRECT_URI", "/secured/")));
    this.cache.removeMatchingRequest(exchange).block();
    MultiValueMap<String, ResponseCookie> cookies = exchange.getResponse().getCookies();
    ResponseCookie cookie = cookies.getFirst("REDIRECT_URI");
    assertThat(cookie).isNotNull();
    assertThat(cookie.toString()).isEqualTo("REDIRECT_URI=; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Lax");
}
Also used : MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange) HttpCookie(org.springframework.http.HttpCookie) ResponseCookie(org.springframework.http.ResponseCookie) Test(org.junit.jupiter.api.Test)

Aggregations

ResponseCookie (org.springframework.http.ResponseCookie)35 Test (org.junit.jupiter.api.Test)23 MockServerWebExchange (org.springframework.mock.web.server.MockServerWebExchange)12 HttpHeaders (org.springframework.http.HttpHeaders)6 DataBuffer (org.springframework.core.io.buffer.DataBuffer)5 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)5 MockServerHttpRequest (org.springframework.web.testfixture.http.server.reactive.MockServerHttpRequest)5 MockServerWebExchange (org.springframework.web.testfixture.server.MockServerWebExchange)5 Mono (reactor.core.publisher.Mono)5 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)4 HttpStatus (org.springframework.http.HttpStatus)4 Collections (java.util.Collections)3 MultiValueMap (org.springframework.util.MultiValueMap)3 MockServerHttpResponse (org.springframework.web.testfixture.http.server.reactive.MockServerHttpResponse)3 Flux (reactor.core.publisher.Flux)3 StepVerifier (reactor.test.StepVerifier)3 Cookie (io.netty.handler.codec.http.cookie.Cookie)2 DefaultCookie (io.netty.handler.codec.http.cookie.DefaultCookie)2 URI (java.net.URI)2 StandardCharsets (java.nio.charset.StandardCharsets)2