Example 1 with SameSiteCookie
use of org.wso2.carbon.core.SameSiteCookie in project carbon-identity-framework by wso2.
the class FrameworkUtils method setCookie.
public static void setCookie(HttpServletRequest req, HttpServletResponse resp, String cookieName, String id, Integer age, SameSiteCookie setSameSite, String path) {
CookieBuilder cookieBuilder = new CookieBuilder(cookieName, id);
IdentityCookieConfig cookieConfig = IdentityUtil.getIdentityCookieConfig(cookieName);
if (cookieConfig != null) {
updateCookieConfig(cookieBuilder, cookieConfig, age, path);
} else {
cookieBuilder.setSecure(true);
cookieBuilder.setHttpOnly(true);
cookieBuilder.setPath(StringUtils.isNotBlank(path) ? path : ROOT_DOMAIN);
cookieBuilder.setSameSite(setSameSite);
if (age != null) {
cookieBuilder.setMaxAge(age);
}
}
resp.addCookie(cookieBuilder.build());
}
Also used :
CookieBuilder(org.wso2.carbon.identity.core.model.CookieBuilder)
IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig)
Example 2 with SameSiteCookie
use of org.wso2.carbon.core.SameSiteCookie in project carbon-identity-framework by wso2.
the class FrameworkUtils method removeCookie.
public static void removeCookie(HttpServletRequest req, HttpServletResponse resp, String cookieName, SameSiteCookie sameSiteCookie, String path) {
Cookie[] cookies = req.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals(cookieName)) {
CookieBuilder cookieBuilder = new CookieBuilder(cookieName, cookie.getValue());
IdentityCookieConfig cookieConfig = IdentityUtil.getIdentityCookieConfig(cookieName);
if (cookieConfig != null) {
updateCookieConfig(cookieBuilder, cookieConfig, 0, path);
} else {
cookieBuilder.setHttpOnly(true);
cookieBuilder.setSecure(true);
cookieBuilder.setPath(StringUtils.isNotBlank(path) ? path : ROOT_DOMAIN);
cookieBuilder.setSameSite(sameSiteCookie);
}
cookieBuilder.setMaxAge(0);
resp.addCookie(cookieBuilder.build());
break;
}
}
}
}
Also used :
SameSiteCookie(org.wso2.carbon.core.SameSiteCookie)
Cookie(javax.servlet.http.Cookie)
CookieBuilder(org.wso2.carbon.identity.core.model.CookieBuilder)
IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig)
Example 3 with SameSiteCookie
use of org.wso2.carbon.core.SameSiteCookie in project carbon-identity-framework by wso2.
the class IdentityConfigParser method buildCookieConfig.
private void buildCookieConfig() {
OMElement cookiesConfig = this.getConfigElement(IdentityConstants.COOKIES_CONFIG);
if (cookiesConfig != null) {
Iterator<OMElement> cookies = cookiesConfig.getChildrenWithName(new QName(IdentityCoreConstants.IDENTITY_DEFAULT_NAMESPACE, IdentityConstants.COOKIE));
if (cookies != null) {
while (cookies.hasNext()) {
OMElement cookie = cookies.next();
String cookieName = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_NAME));
if (StringUtils.isBlank(cookieName)) {
throw IdentityRuntimeException.error("Cookie name not defined correctly");
}
IdentityCookieConfig cookieConfig = new IdentityCookieConfig(cookieName);
String domain = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_DOMAIN));
if (StringUtils.isNotBlank(domain)) {
cookieConfig.setDomain(domain);
}
String path = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_PATH));
if (StringUtils.isNotBlank(path)) {
cookieConfig.setPath(path);
}
String comment = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_COMMENT));
if (StringUtils.isNotBlank(comment)) {
cookieConfig.setComment(comment);
}
String version = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_VERSION));
if (StringUtils.isNotBlank(version)) {
cookieConfig.setVersion(Integer.valueOf(version));
}
String magAge = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_MAX_AGE));
if (StringUtils.isNotBlank(magAge)) {
cookieConfig.setMaxAge(Integer.valueOf(magAge));
}
String secure = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_SECURE));
if (StringUtils.isNotBlank(secure)) {
cookieConfig.setSecure(Boolean.valueOf(secure));
}
String httpOnly = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_HTTP_ONLY));
if (StringUtils.isNotBlank(httpOnly)) {
cookieConfig.setIsHttpOnly(Boolean.valueOf(httpOnly));
}
String sameSiteString = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_SAME_SITE));
if (StringUtils.isNotEmpty(sameSiteString)) {
try {
SameSiteCookie sameSite = SameSiteCookie.valueOf(sameSiteString);
cookieConfig.setSameSite(sameSite);
} catch (IllegalArgumentException ex) {
throw new IllegalArgumentException("sameSite value should be Strict or Lax or None. ", ex);
}
}
// Add the config to container
identityCookieConfigurationHolder.put(cookieName, cookieConfig);
}
}
}
}
Also used :
QName(javax.xml.namespace.QName)
IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig)
OMElement(org.apache.axiom.om.OMElement)
SameSiteCookie(org.wso2.carbon.core.SameSiteCookie)
Aggregations
IdentityCookieConfig (org.wso2.carbon.identity.core.model.IdentityCookieConfig)3
SameSiteCookie (org.wso2.carbon.core.SameSiteCookie)2
CookieBuilder (org.wso2.carbon.identity.core.model.CookieBuilder)2
Cookie (javax.servlet.http.Cookie)1
QName (javax.xml.namespace.QName)1
OMElement (org.apache.axiom.om.OMElement)1
