/**
 * Applies one parsed cookie attribute to {@code cookie}.
 *
 * <p>The attribute name is matched case-insensitively. The flag attributes
 * (discard, secure, httpOnly) ignore {@code value}; every other recognised
 * attribute forwards it, with max-age and version converted by
 * {@link Integer#parseInt(String)} first. Unrecognised names are skipped.
 *
 * @param cookie the cookie being populated
 * @param key    the attribute name as it appeared in the input
 * @param value  the attribute value; not read for flag attributes
 * @throws NumberFormatException if a max-age or version value is not an integer
 */
private static void handleValue(CookieImpl cookie, String key, String value) {
    if (key.equalsIgnoreCase("path")) {
        cookie.setPath(value);
        return;
    }
    if (key.equalsIgnoreCase("domain")) {
        cookie.setDomain(value);
        return;
    }
    if (key.equalsIgnoreCase("max-age")) {
        // NOTE(review): parseInt is unguarded here; if key/value originate from a
        // peer-supplied header, confirm the caller handles NumberFormatException.
        cookie.setMaxAge(Integer.parseInt(value));
        return;
    }
    if (key.equalsIgnoreCase("expires")) {
        cookie.setExpires(DateUtils.parseDate(value));
        return;
    }
    if (key.equalsIgnoreCase("discard")) {
        cookie.setDiscard(true);
        return;
    }
    if (key.equalsIgnoreCase("secure")) {
        cookie.setSecure(true);
        return;
    }
    if (key.equalsIgnoreCase("httpOnly")) {
        cookie.setHttpOnly(true);
        return;
    }
    if (key.equalsIgnoreCase("version")) {
        cookie.setVersion(Integer.parseInt(value));
        return;
    }
    if (key.equalsIgnoreCase("comment")) {
        cookie.setComment(value);
        return;
    }
    if (key.equalsIgnoreCase("samesite")) {
        // The mode string is forwarded as received; any validation of it is left
        // to setSameSiteMode (not visible here - verify).
        cookie.setSameSite(true);
        cookie.setSameSiteMode(value);
    }
    // Any other attribute name is deliberately ignored.
}
/**
 * Applies one parsed cookie attribute to {@code cookie}.
 *
 * <p>The attribute name is matched case-insensitively. The flag attributes
 * (discard, secure, httpOnly) ignore {@code value}; every other recognised
 * attribute forwards it, with max-age and version converted by
 * {@link Integer#parseInt(String)} first. Unrecognised names are skipped.
 *
 * @param cookie the cookie being populated
 * @param key    the attribute name as it appeared in the input
 * @param value  the attribute value; not read for flag attributes
 * @throws NumberFormatException if a max-age or version value is not an integer
 */
private static void handleValue(CookieImpl cookie, String key, String value) {
    if (key.equalsIgnoreCase("path")) {
        cookie.setPath(value);
        return;
    }
    if (key.equalsIgnoreCase("domain")) {
        cookie.setDomain(value);
        return;
    }
    if (key.equalsIgnoreCase("max-age")) {
        // NOTE(review): parseInt is unguarded here; if key/value originate from a
        // peer-supplied header, confirm the caller handles NumberFormatException.
        cookie.setMaxAge(Integer.parseInt(value));
        return;
    }
    if (key.equalsIgnoreCase("expires")) {
        cookie.setExpires(DateUtils.parseDate(value));
        return;
    }
    if (key.equalsIgnoreCase("discard")) {
        cookie.setDiscard(true);
        return;
    }
    if (key.equalsIgnoreCase("secure")) {
        cookie.setSecure(true);
        return;
    }
    if (key.equalsIgnoreCase("httpOnly")) {
        cookie.setHttpOnly(true);
        return;
    }
    if (key.equalsIgnoreCase("version")) {
        cookie.setVersion(Integer.parseInt(value));
        return;
    }
    if (key.equalsIgnoreCase("comment")) {
        cookie.setComment(value);
        return;
    }
    if (key.equalsIgnoreCase("samesite")) {
        // The mode string is forwarded as received; any validation of it is left
        // to setSameSiteMode (not visible here - verify).
        cookie.setSameSite(true);
        cookie.setSameSiteMode(value);
    }
    // Any other attribute name is deliberately ignored.
}
/**
 * Queues a response cookie that expires the session cookie on the client.
 *
 * <p>The cookie reuses this handler's cookie name with path {@code "/"} and an
 * expiry date at the Unix epoch, and is marked HttpOnly.
 *
 * @param exchange the exchange whose response receives the expiring cookie
 */
@Override
public void expiresSessionId(HttpServerExchange exchange) {
    final String currentId = retrieveSessionIdFrom(exchange);

    // NOTE(review): the current session id is sent back as the value of the
    // expiring cookie, and no Secure attribute is set - confirm both are intended.
    final Cookie expired = new CookieImpl(this.cookieName, currentId);
    expired.setPath("/");
    expired.setHttpOnly(true);
    // The epoch is always in the past, so the client treats the cookie as expired.
    expired.setExpires(Date.from(Instant.EPOCH));

    exchange.setResponseCookie(expired);
}
} // closes the enclosing type, whose header lies above this excerpt
/**
 * Applies one parsed cookie attribute to {@code cookie}.
 *
 * <p>The attribute name is matched case-insensitively. The flag attributes
 * (discard, secure, httpOnly) ignore {@code value}; every other recognised
 * attribute forwards it, with max-age and version converted by
 * {@link Integer#parseInt(String)} first. Unrecognised names are skipped.
 *
 * @param cookie the cookie being populated
 * @param key    the attribute name as it appeared in the input
 * @param value  the attribute value; not read for flag attributes
 * @throws NumberFormatException if a max-age or version value is not an integer
 */
private static void handleValue(CookieImpl cookie, String key, String value) {
    if (key.equalsIgnoreCase("path")) {
        cookie.setPath(value);
        return;
    }
    if (key.equalsIgnoreCase("domain")) {
        cookie.setDomain(value);
        return;
    }
    if (key.equalsIgnoreCase("max-age")) {
        // NOTE(review): parseInt is unguarded here; if key/value originate from a
        // peer-supplied header, confirm the caller handles NumberFormatException.
        cookie.setMaxAge(Integer.parseInt(value));
        return;
    }
    if (key.equalsIgnoreCase("expires")) {
        cookie.setExpires(DateUtils.parseDate(value));
        return;
    }
    if (key.equalsIgnoreCase("discard")) {
        cookie.setDiscard(true);
        return;
    }
    if (key.equalsIgnoreCase("secure")) {
        cookie.setSecure(true);
        return;
    }
    if (key.equalsIgnoreCase("httpOnly")) {
        cookie.setHttpOnly(true);
        return;
    }
    if (key.equalsIgnoreCase("version")) {
        cookie.setVersion(Integer.parseInt(value));
        return;
    }
    if (key.equalsIgnoreCase("comment")) {
        cookie.setComment(value);
        return;
    }
    if (key.equalsIgnoreCase("samesite")) {
        // The mode string is forwarded as received; any validation of it is left
        // to setSameSiteMode (not visible here - verify).
        cookie.setSameSite(true);
        cookie.setSameSiteMode(value);
    }
    // Any other attribute name is deliberately ignored.
}
/**
 * Writes the session cookie to the response when the session has pending changes.
 *
 * <p>The cookie value is laid out as
 * {@code sign DELIMITER authenticityToken DELIMITER expires DATA_DELIMITER values},
 * where {@code sign} is the SHA-512 hex digest of the values, authenticity token,
 * expiry and application secret concatenated in that order. When
 * {@code Key.COOKIE_ENCRYPTION} is enabled the whole value is encrypted before
 * being stored. Nothing is written if there is no session or it is unchanged.
 *
 * @param exchange the exchange whose response receives the session cookie
 */
private void setSession(HttpServerExchange exchange) {
    if (this.session == null || !this.session.hasChanges()) {
        return; // no session, or nothing new to persist
    }

    final String payload = Joiner.on(Default.SPLITTER.toString())
            .withKeyValueSeparator(Default.SEPERATOR.toString())
            .join(this.session.getValues());

    // NOTE(review): the integrity tag is a plain digest over data + secret with no
    // separators between the fields, not a keyed MAC such as HMAC. Changing it
    // would have to be matched by whatever code verifies the cookie (not visible here).
    final String signature = DigestUtils.sha512Hex(
            payload
            + this.session.getAuthenticityToken()
            + this.session.getExpires()
            + config.getApplicationSecret());

    String cookieValue = signature
            + Default.DELIMITER.toString()
            + this.session.getAuthenticityToken()
            + Default.DELIMITER.toString()
            + this.session.getExpires()
            + Default.DATA_DELIMITER.toString()
            + payload;

    // Encryption is opt-in and off by default; without it the session values
    // travel in the cookie signed but readable.
    if (this.config.getBoolean(Key.COOKIE_ENCRYPTION, false)) {
        cookieValue = this.injector.getInstance(Crypto.class).encrypt(cookieValue);
    }

    // NOTE(review): HttpOnly is set but Secure is not - confirm the cookie is
    // never meant to be restricted to HTTPS, or that this is handled elsewhere.
    final Cookie sessionCookie = new CookieImpl(config.getString(Key.COOKIE_NAME), cookieValue);
    sessionCookie.setHttpOnly(true);
    sessionCookie.setPath("/");
    // The session expiry is interpreted in the JVM's default time zone.
    sessionCookie.setExpires(
            Date.from(this.session.getExpires().atZone(ZoneId.systemDefault()).toInstant()));

    exchange.setResponseCookie(sessionCookie);
}
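/**
 * Writes or expires the authentication cookie on the response.
 *
 * <p>Nothing is written unless an authentication object with an authenticated
 * user is present. On logout an empty, already-expired cookie is sent under the
 * authentication cookie name. Otherwise the cookie value is laid out as
 * {@code sign DELIMITER expires DATA_DELIMITER authenticatedUser}, where
 * {@code sign} is the SHA-512 hex digest of user, expiry and application secret
 * concatenated in that order; the value is encrypted first when
 * {@code Key.AUTH_COOKIE_ENCRYPT} is enabled.
 *
 * @param exchange the exchange whose response receives the cookie
 */
private void setAuthentication(HttpServerExchange exchange) {
    if (this.authentication == null || !this.authentication.hasAuthenticatedUser()) {
        return;
    }

    final String cookieName = this.config.getAuthenticationCookieName();
    Cookie cookie;

    if (this.authentication.isLogout()) {
        // Build a fresh expiring cookie instead of mutating the one taken from the
        // request: the request map returns null when the client sent no such
        // cookie (previously a NullPointerException), and an expiry cookie only
        // replaces the original if it carries the same Path ("/") the login
        // branch uses. The empty value also avoids echoing the signed token back.
        cookie = new CookieImpl(cookieName, "")
                .setHttpOnly(true)
                .setPath("/");
        cookie.setMaxAge(0);
        cookie.setDiscard(true);
    } else {
        // NOTE(review): the integrity tag is a plain digest over data + secret with
        // no separators between the fields, not a keyed MAC such as HMAC. Changing
        // it must be matched by the code that verifies the cookie (not visible here).
        final String sign = DigestUtils.sha512Hex(
                this.authentication.getAuthenticatedUser()
                + this.authentication.getExpires()
                + this.config.getString(Key.APPLICATION_SECRET));

        String value = sign
                + Default.DELIMITER.toString()
                + this.authentication.getExpires()
                + Default.DATA_DELIMITER.toString()
                + this.authentication.getAuthenticatedUser();

        // Encryption is opt-in and off by default; without it the user identifier
        // travels in the cookie signed but readable.
        if (this.config.getBoolean(Key.AUTH_COOKIE_ENCRYPT, false)) {
            value = this.injector.getInstance(Crypto.class).encrypt(value);
        }

        // NOTE(review): HttpOnly is set but Secure is not - confirm the cookie is
        // never meant to be restricted to HTTPS, or that this is handled elsewhere.
        cookie = new CookieImpl(cookieName, value)
                .setHttpOnly(true)
                .setPath("/")
                // The expiry is interpreted in the JVM's default time zone.
                .setExpires(Date.from(
                        this.authentication.getExpires().atZone(ZoneId.systemDefault()).toInstant()));
    }

    exchange.setResponseCookie(cookie);
}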