Search in sources :

Example 1 with IdentityCookieConfig

use of org.wso2.carbon.identity.core.model.IdentityCookieConfig in project carbon-identity-framework by wso2.

the class FrameworkUtils method setCookie.

public static void setCookie(HttpServletRequest req, HttpServletResponse resp, String cookieName, String id, Integer age, SameSiteCookie setSameSite, String path) {
    CookieBuilder cookieBuilder = new CookieBuilder(cookieName, id);
    IdentityCookieConfig cookieConfig = IdentityUtil.getIdentityCookieConfig(cookieName);
    if (cookieConfig != null) {
        updateCookieConfig(cookieBuilder, cookieConfig, age, path);
    } else {
        cookieBuilder.setSecure(true);
        cookieBuilder.setHttpOnly(true);
        cookieBuilder.setPath(StringUtils.isNotBlank(path) ? path : ROOT_DOMAIN);
        cookieBuilder.setSameSite(setSameSite);
        if (age != null) {
            cookieBuilder.setMaxAge(age);
        }
    }
    resp.addCookie(cookieBuilder.build());
}
Also used : CookieBuilder(org.wso2.carbon.identity.core.model.CookieBuilder) IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig)

Example 2 with IdentityCookieConfig

use of org.wso2.carbon.identity.core.model.IdentityCookieConfig in project carbon-identity-framework by wso2.

the class FrameworkUtils method setCookie.

/**
 * Stores a cookie to the response taking configurations from identity.xml file.
 *
 * @param req        Incoming HttpSerletRequest.
 * @param resp       Outgoing HttpServletResponse.
 * @param cookieName Name of the cookie to be stored.
 * @param id         Cookie id.
 * @param age        Max age of the cookie.
 */
public static void setCookie(HttpServletRequest req, HttpServletResponse resp, String cookieName, String id, Integer age) {
    CookieBuilder cookieBuilder = new CookieBuilder(cookieName, id);
    IdentityCookieConfig cookieConfig = IdentityUtil.getIdentityCookieConfig(cookieName);
    if (cookieConfig != null) {
        updateCookieConfig(cookieBuilder, cookieConfig, age, null);
    } else {
        cookieBuilder.setSecure(true);
        cookieBuilder.setHttpOnly(true);
        cookieBuilder.setPath(ROOT_DOMAIN);
        if (age != null) {
            cookieBuilder.setMaxAge(age);
        }
    }
    resp.addCookie(cookieBuilder.build());
}
Also used : CookieBuilder(org.wso2.carbon.identity.core.model.CookieBuilder) IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig)

Example 3 with IdentityCookieConfig

use of org.wso2.carbon.identity.core.model.IdentityCookieConfig in project carbon-identity-framework by wso2.

the class FrameworkUtils method removeCookie.

public static void removeCookie(HttpServletRequest req, HttpServletResponse resp, String cookieName, SameSiteCookie sameSiteCookie, String path) {
    Cookie[] cookies = req.getCookies();
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(cookieName)) {
                CookieBuilder cookieBuilder = new CookieBuilder(cookieName, cookie.getValue());
                IdentityCookieConfig cookieConfig = IdentityUtil.getIdentityCookieConfig(cookieName);
                if (cookieConfig != null) {
                    updateCookieConfig(cookieBuilder, cookieConfig, 0, path);
                } else {
                    cookieBuilder.setHttpOnly(true);
                    cookieBuilder.setSecure(true);
                    cookieBuilder.setPath(StringUtils.isNotBlank(path) ? path : ROOT_DOMAIN);
                    cookieBuilder.setSameSite(sameSiteCookie);
                }
                cookieBuilder.setMaxAge(0);
                resp.addCookie(cookieBuilder.build());
                break;
            }
        }
    }
}
Also used : SameSiteCookie(org.wso2.carbon.core.SameSiteCookie) Cookie(javax.servlet.http.Cookie) CookieBuilder(org.wso2.carbon.identity.core.model.CookieBuilder) IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig)

Example 4 with IdentityCookieConfig

use of org.wso2.carbon.identity.core.model.IdentityCookieConfig in project carbon-identity-framework by wso2.

the class IdentityUtilTest method testPopulateProperties.

@Test
public void testPopulateProperties() throws Exception {
    Map<String, Object> mockConfig = new HashMap<>();
    mockConfig.put("dummy", new Object());
    Map<IdentityEventListenerConfigKey, IdentityEventListenerConfig> mockedEventListenerConfig = new HashMap<>();
    IdentityEventListenerConfigKey configKey = new IdentityEventListenerConfigKey("type", "name");
    mockedEventListenerConfig.put(configKey, new IdentityEventListenerConfig("false", 0, configKey, null));
    Map<IdentityCacheConfigKey, IdentityCacheConfig> mockedCacheConfig = new HashMap<>();
    IdentityCacheConfigKey cacheConfigKey = new IdentityCacheConfigKey("manager", "key");
    mockedCacheConfig.put(cacheConfigKey, new IdentityCacheConfig(cacheConfigKey));
    Map<String, IdentityCookieConfig> mockedCookieConfig = new HashMap<>();
    mockedCookieConfig.put("cookie", new IdentityCookieConfig("cookieName"));
    when(mockConfigParser.getConfiguration()).thenReturn(mockConfig);
    when(IdentityConfigParser.getEventListenerConfiguration()).thenReturn(mockedEventListenerConfig);
    when(IdentityConfigParser.getIdentityCacheConfigurationHolder()).thenReturn(mockedCacheConfig);
    when(IdentityConfigParser.getIdentityCookieConfigurationHolder()).thenReturn(mockedCookieConfig);
    when(IdentityConfigParser.getInstance()).thenReturn(mockConfigParser);
    IdentityUtil.populateProperties();
    assertEquals(Whitebox.getField(IdentityUtil.class, "configuration").get(IdentityUtil.class), mockConfig, "Configuration is not set properly during config population");
    assertEquals(Whitebox.getField(IdentityUtil.class, "eventListenerConfiguration").get(IdentityUtil.class), mockedEventListenerConfig, "eventListenerConfiguration is not set properly during config population");
    assertEquals(IdentityUtil.getIdentityCookiesConfigurationHolder(), mockedCookieConfig, "cookieConfiguration is not set properly during config population");
    assertEquals(Whitebox.getField(IdentityUtil.class, "identityCacheConfigurationHolder").get(IdentityUtil.class), mockedCacheConfig, "identityCacheConfigurationHolder is not set properly during config population");
}
Also used : HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) IdentityEventListenerConfigKey(org.wso2.carbon.identity.core.model.IdentityEventListenerConfigKey) Matchers.anyString(org.mockito.Matchers.anyString) IdentityCacheConfig(org.wso2.carbon.identity.core.model.IdentityCacheConfig) IdentityCacheConfigKey(org.wso2.carbon.identity.core.model.IdentityCacheConfigKey) IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig) IdentityEventListenerConfig(org.wso2.carbon.identity.core.model.IdentityEventListenerConfig) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 5 with IdentityCookieConfig

use of org.wso2.carbon.identity.core.model.IdentityCookieConfig in project carbon-identity-framework by wso2.

the class IdentityConfigParser method buildCookieConfig.

private void buildCookieConfig() {
    OMElement cookiesConfig = this.getConfigElement(IdentityConstants.COOKIES_CONFIG);
    if (cookiesConfig != null) {
        Iterator<OMElement> cookies = cookiesConfig.getChildrenWithName(new QName(IdentityCoreConstants.IDENTITY_DEFAULT_NAMESPACE, IdentityConstants.COOKIE));
        if (cookies != null) {
            while (cookies.hasNext()) {
                OMElement cookie = cookies.next();
                String cookieName = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_NAME));
                if (StringUtils.isBlank(cookieName)) {
                    throw IdentityRuntimeException.error("Cookie name not defined correctly");
                }
                IdentityCookieConfig cookieConfig = new IdentityCookieConfig(cookieName);
                String domain = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_DOMAIN));
                if (StringUtils.isNotBlank(domain)) {
                    cookieConfig.setDomain(domain);
                }
                String path = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_PATH));
                if (StringUtils.isNotBlank(path)) {
                    cookieConfig.setPath(path);
                }
                String comment = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_COMMENT));
                if (StringUtils.isNotBlank(comment)) {
                    cookieConfig.setComment(comment);
                }
                String version = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_VERSION));
                if (StringUtils.isNotBlank(version)) {
                    cookieConfig.setVersion(Integer.valueOf(version));
                }
                String magAge = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_MAX_AGE));
                if (StringUtils.isNotBlank(magAge)) {
                    cookieConfig.setMaxAge(Integer.valueOf(magAge));
                }
                String secure = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_SECURE));
                if (StringUtils.isNotBlank(secure)) {
                    cookieConfig.setSecure(Boolean.valueOf(secure));
                }
                String httpOnly = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_HTTP_ONLY));
                if (StringUtils.isNotBlank(httpOnly)) {
                    cookieConfig.setIsHttpOnly(Boolean.valueOf(httpOnly));
                }
                String sameSiteString = cookie.getAttributeValue(new QName(IdentityConstants.COOKIE_SAME_SITE));
                if (StringUtils.isNotEmpty(sameSiteString)) {
                    try {
                        SameSiteCookie sameSite = SameSiteCookie.valueOf(sameSiteString);
                        cookieConfig.setSameSite(sameSite);
                    } catch (IllegalArgumentException ex) {
                        throw new IllegalArgumentException("sameSite value should be Strict or Lax or None. ", ex);
                    }
                }
                // Add the config to container
                identityCookieConfigurationHolder.put(cookieName, cookieConfig);
            }
        }
    }
}
Also used : QName(javax.xml.namespace.QName) IdentityCookieConfig(org.wso2.carbon.identity.core.model.IdentityCookieConfig) OMElement(org.apache.axiom.om.OMElement) SameSiteCookie(org.wso2.carbon.core.SameSiteCookie)

Aggregations

IdentityCookieConfig (org.wso2.carbon.identity.core.model.IdentityCookieConfig)11 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)6 Test (org.testng.annotations.Test)6 SameSiteCookie (org.wso2.carbon.core.SameSiteCookie)6 Cookie (javax.servlet.http.Cookie)5 CookieBuilder (org.wso2.carbon.identity.core.model.CookieBuilder)4 HashMap (java.util.HashMap)3 LinkedHashMap (java.util.LinkedHashMap)3 Matchers.anyString (org.mockito.Matchers.anyString)3 BeforeTest (org.testng.annotations.BeforeTest)3 PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)3 QName (javax.xml.namespace.QName)1 OMElement (org.apache.axiom.om.OMElement)1 IdentityCacheConfig (org.wso2.carbon.identity.core.model.IdentityCacheConfig)1 IdentityCacheConfigKey (org.wso2.carbon.identity.core.model.IdentityCacheConfigKey)1 IdentityEventListenerConfig (org.wso2.carbon.identity.core.model.IdentityEventListenerConfig)1 IdentityEventListenerConfigKey (org.wso2.carbon.identity.core.model.IdentityEventListenerConfigKey)1