/**
 * Removes the cookie stored under {@code name} and returns it.
 *
 * <p>If {@code invalidate} is set and the cookie was received from the user agent, the entry is
 * kept and its max age is set to {@code 0}, so that it can be sent back and expire on the
 * client. In every other case the entry is dropped from the cookie map.
 *
 * @param name name of the cookie to remove
 * @param invalidate whether a cookie that came from the user agent should be expired on the
 *     client instead of only being dropped here
 * @return the cookie found under {@code name}, or {@code null} when there is none
 */
@Override
public Cookie removeCookie(String name, boolean invalidate) {
  final Cookie found = cookiesMap().get(name);
  if (found == null) {
    return null;
  }

  final boolean expireOnClient = invalidate && found.isFromUserAgent();
  if (!expireOnClient) {
    // Only the map entry goes away. With invalidate == false a cookie that came from the
    // user agent is not expired on the client, so the browser keeps sending it.
    cookiesMap().remove(name);
    return found;
  }

  // The user agent still holds this cookie, so keep it and give it a zero max age.
  // NOTE(review): only the max age changes here; the cookie's value is left as it was,
  // so the expiring cookie presumably still carries that value. Confirm this is acceptable
  // for cookies that hold session identifiers or tokens.
  found.setMaxAge(0L);
  return found;
}
/**
 * Sets how long the user agent should keep this cookie, in seconds.
 *
 * <ul>
 *   <li>{@code 0}: the cookie expires immediately, so the browser removes it.</li>
 *   <li>{@code Long.MIN_VALUE}: the cookie is removed when the browser is closed.</li>
 *   <li>never set: the cookie is a session cookie and is removed when the browser is closed.</li>
 * </ul>
 *
 * <p>The max age only tells the user agent when to discard its copy. It does not by itself
 * invalidate a server-side session or token that the cookie value refers to.
 *
 * @param maxAge the maximum age of this cookie in seconds
 * @return this cookie, so that calls can be chained
 */
public io.vertx.rxjava.ext.web.Cookie setMaxAge(long maxAge) {
  // Forward to the wrapped cookie and hand back this wrapper, not the delegate.
  this.delegate.setMaxAge(maxAge);
  return this;
}
/**
 * Sets the lifetime of this cookie on the user agent, expressed in seconds.
 *
 * <p>A value of {@code 0} makes the cookie expire immediately, so the browser removes it.
 * {@code Long.MIN_VALUE} makes the browser remove the cookie when it is closed. A cookie whose
 * max age is never set is a session cookie and is likewise removed when the browser is closed.
 *
 * <p>This value is an instruction to the user agent only; any server-side session or token
 * named by the cookie value has to be expired separately.
 *
 * @param maxAge the maximum age of this cookie in seconds
 * @return this cookie, for fluent chaining
 */
public io.vertx.rxjava.ext.web.Cookie setMaxAge(long maxAge) {
  // The wrapper holds no state of its own for this setting; the delegate stores it.
  this.delegate.setMaxAge(maxAge);
  return this;
}
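/**
 * Checks the cookie accessors and the text produced by {@code encode()} as path, domain,
 * max age, Secure and HTTPOnly are set one after another.
 */
@Test
public void testCookieFields() throws Exception {
  Cookie cookie = Cookie.cookie("foo", "bar");
  assertEquals("foo", cookie.getName());
  assertEquals("bar", cookie.getValue());
  assertEquals("foo=bar", cookie.encode());

  assertNull(cookie.getPath());
  cookie.setPath("/somepath");
  assertEquals("/somepath", cookie.getPath());
  assertEquals("foo=bar; Path=/somepath", cookie.encode());

  assertNull(cookie.getDomain());
  cookie.setDomain("foo.com");
  assertEquals("foo.com", cookie.getDomain());
  assertEquals("foo=bar; Path=/somepath; Domain=foo.com", cookie.encode());

  long maxAge = 30 * 60;
  cookie.setMaxAge(maxAge);
  long now = System.currentTimeMillis();
  String encoded = cookie.encode();
  int startPos = encoded.indexOf("Expires=");
  // Fail here if the attribute is missing, rather than on a parse error further down.
  assertTrue(startPos >= 0);
  int endPos = encoded.indexOf(';', startPos);
  String expiresDate = encoded.substring(startPos + 8, endPos);
  Date d = dateTimeFormat.parse(expiresDate);
  // maxAge is in seconds while Date.getTime() is in milliseconds. Comparing the two directly
  // only proved the cookie outlives 1.8 seconds, so a far too short expiry would have passed.
  // One second of slack is allowed in case the formatted date drops sub-second precision.
  assertTrue(d.getTime() - now >= (maxAge - 1) * 1000L);

  // With Long.MIN_VALUE the encoded strings asserted below carry no expiry attribute.
  cookie.setMaxAge(Long.MIN_VALUE);
  cookie.setSecure(true);
  assertEquals("foo=bar; Path=/somepath; Domain=foo.com; Secure", cookie.encode());
  cookie.setHttpOnly(true);
  assertEquals("foo=bar; Path=/somepath; Domain=foo.com; Secure; HTTPOnly", cookie.encode());
}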
/**
 * Looks up the cookie named {@code name}, removes or expires it, and returns it.
 *
 * <p>A cookie that was received from the user agent is expired (max age {@code 0}) rather than
 * removed when {@code invalidate} is {@code true}, so that it can be sent back and invalidated
 * on the client. Any other cookie is removed from the cookie map.
 *
 * @param name name of the cookie to remove
 * @param invalidate {@code true} to expire a user-agent cookie on the client as well
 * @return the cookie that was stored under {@code name}, or {@code null} if none was
 */
@Override
public Cookie removeCookie(String name, boolean invalidate) {
  final Cookie existing = cookiesMap().get(name);
  if (existing == null) {
    return null;
  }

  if (invalidate && existing.isFromUserAgent()) {
    // Kept in the map on purpose: it has to go back to the user agent with a zero max age.
    // NOTE(review): the value is not cleared, only the max age; confirm that is acceptable
    // when the cookie holds a credential.
    existing.setMaxAge(0L);
    return existing;
  }

  // Either the caller did not ask for invalidation or the cookie never came from the user
  // agent; in both cases only the map entry is dropped and nothing is expired on the client.
  cookiesMap().remove(name);
  return existing;
}
/**
 * Handles the login action: requests a token for the credentials and, on success, returns it
 * both as a cookie and in the response body.
 *
 * <p>If token generation fails, an {@code UNAUTHORIZED} error with the key
 * {@code auth_login_failed} is thrown from inside the result handler.
 *
 * @param ac
 *            Action context that receives the token cookie and the response
 * @param username
 *            Username
 * @param password
 *            Password
 */
public void login(InternalActionContext ac, String username, String password) {
  generateToken(username, password, rh -> {
    if (rh.failed()) {
      throw error(UNAUTHORIZED, "auth_login_failed", rh.cause());
    }

    // NOTE(review): the token cookie is built with a max age and Path=/ only. Neither
    // setHttpOnly(true) nor setSecure(true) is called here, so unless they are applied
    // elsewhere the token is readable from page scripts and may be sent over plain HTTP.
    // Confirm that this is intended.
    // NOTE(review): setMaxAge takes seconds; presumably getTokenExpirationTime() is in
    // seconds too. Verify against the authentication options.
    Cookie tokenCookie = Cookie.cookie(MeshJWTAuthProvider.TOKEN_COOKIE_KEY, rh.result())
        .setMaxAge(Mesh.mesh().getOptions().getAuthenticationOptions().getTokenExpirationTime())
        .setPath("/");
    ac.addCookie(tokenCookie);

    // The same token is also returned in the JSON body.
    ac.send(new TokenResponse(rh.result()).toJson());
  });
}
/**
 * Logs the current user out: destroys the session if there is one, overwrites the token cookie
 * with an already expired placeholder and clears the user from the routing context.
 */
@Override
public void logout() {
  Session activeSession = rc.session();
  if (activeSession != null) {
    activeSession.destroy();
  }

  // Same name and path ("/") as the token cookie, with a dummy value and a zero max age,
  // so that the user agent discards its copy.
  // NOTE(review): this only removes the browser's copy. Whether the token itself is revoked
  // on the server is not visible here; a copy taken earlier may stay valid until it expires.
  Cookie expiredToken = Cookie.cookie(MeshJWTAuthProvider.TOKEN_COOKIE_KEY, "deleted")
      .setMaxAge(0)
      .setPath("/");
  rc.addCookie(expiredToken);

  rc.clearUser();
}
/**
 * Builds the handler for the two-step logout flow.
 *
 * <p>First request (no {@code done=yes} parameter): the {@code session_token} and
 * {@code XSRF-TOKEN} cookies are expired and the client is redirected (302) to
 * {@code logoutUrl}, with a {@code redirect_uri} parameter pointing back at this path with
 * {@code ?done=yes} appended. Second request ({@code done=yes}): the client is redirected (302)
 * to the location returned by {@code VertxBase.absoluteContext}.
 *
 * @return the logout handler
 */
public Handler<RoutingContext> logoutHandler() {
  return rc -> {
    boolean returningFromLogout = "yes".equals(rc.request().getParam("done"));
    if (returningFromLogout) {
      rc.response()
          .setStatusCode(302)
          .putHeader("Location", VertxBase.absoluteContext(config::getString, rc))
          .end();
      return;
    }

    QueryStringEncoder returnQuery = new QueryStringEncoder("");
    returnQuery.addParam("redirect_uri", VertxBase.absolutePath(config::getString, rc) + "?done=yes");

    // NOTE(review): both cookies are expired by name only, with no Path, Domain or Secure
    // attribute. A user agent replaces a stored cookie only when name, domain and path match,
    // so confirm they were issued with the same defaults; otherwise the originals survive.
    String expiredSessionToken =
        io.vertx.ext.web.Cookie.cookie("session_token", "").setMaxAge(0).encode();
    String expiredXsrfToken =
        io.vertx.ext.web.Cookie.cookie("XSRF-TOKEN", "").setMaxAge(0).encode();

    rc.response().headers()
        .add(SET_COOKIE, expiredSessionToken)
        .add(SET_COOKIE, expiredXsrfToken)
        .add("location", logoutUrl + returnQuery);
    rc.response().setStatusCode(302).end();
  };
}
} else { MetricsHandler.checkpoint(rc, "authFail"); rc.response().headers().add(SET_COOKIE, session.setValue("").setMaxAge(0).encode()); if (mandatory) { log.debug("Access token could not be authenticated", r.cause());
/**
 * Returns the handler that drives logout in two passes.
 *
 * <p>Without {@code done=yes} in the request, it expires the {@code session_token} and
 * {@code XSRF-TOKEN} cookies and sends a 302 to {@code logoutUrl}, passing a
 * {@code redirect_uri} that leads back here with {@code ?done=yes}. With {@code done=yes}, it
 * sends a 302 to the location returned by {@code VertxBase.absoluteContext}.
 *
 * @return the logout handler
 */
public Handler<RoutingContext> logoutHandler() {
  return rc -> {
    if (!"yes".equals(rc.request().getParam("done"))) {
      QueryStringEncoder callbackQuery = new QueryStringEncoder("");
      callbackQuery.addParam("redirect_uri", VertxBase.absolutePath(config::getString, rc) + "?done=yes");

      // NOTE(review): the expiring cookies carry a name, an empty value and a zero max age
      // only. If the originals were issued with an explicit Path or Domain, these will not
      // match them and the browser keeps the originals. Verify against the issuing code.
      String clearedSession =
          io.vertx.ext.web.Cookie.cookie("session_token", "").setMaxAge(0).encode();
      String clearedXsrf =
          io.vertx.ext.web.Cookie.cookie("XSRF-TOKEN", "").setMaxAge(0).encode();

      rc.response().headers()
          .add(SET_COOKIE, clearedSession)
          .add(SET_COOKIE, clearedXsrf)
          .add("location", logoutUrl + callbackQuery);
      rc.response().setStatusCode(302).end();
      return;
    }

    // Second pass: the round trip through logoutUrl is finished.
    rc.response()
        .setStatusCode(302)
        .putHeader("Location", VertxBase.absoluteContext(config::getString, rc))
        .end();
  };
}
} else { MetricsHandler.checkpoint(rc, "authFail"); rc.response().headers().add(SET_COOKIE, sessionCookie.setValue("").setMaxAge(0).encode()); if (mandatory) { if (log.isTraceEnabled()) {
} else { MetricsHandler.checkpoint(rc, "authFail"); rc.response().headers().add(SET_COOKIE, sessionCookie.setValue("").setMaxAge(0).encode()); if (mandatory) { if (log.isTraceEnabled()) {
} else { MetricsHandler.checkpoint(rc, "authFail"); rc.response().headers().add(SET_COOKIE, sessionCookie.setValue("").setMaxAge(0).encode()); if (mandatory) { if (log.isTraceEnabled()) {
.setMaxAge(Mesh.mesh().getOptions().getAuthenticationOptions().getTokenExpirationTime()).setPath("/"));
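/**
 * Walks a cookie through its setters and checks the getters and the {@code encode()} output
 * after each step: name/value, path, domain, max age, Secure and HTTPOnly.
 */
@Test
public void testCookieFields() throws Exception {
  Cookie cookie = Cookie.cookie("foo", "bar");
  assertEquals("foo", cookie.getName());
  assertEquals("bar", cookie.getValue());
  assertEquals("foo=bar", cookie.encode());

  assertNull(cookie.getPath());
  cookie.setPath("/somepath");
  assertEquals("/somepath", cookie.getPath());
  assertEquals("foo=bar; Path=/somepath", cookie.encode());

  assertNull(cookie.getDomain());
  cookie.setDomain("foo.com");
  assertEquals("foo.com", cookie.getDomain());
  assertEquals("foo=bar; Path=/somepath; Domain=foo.com", cookie.encode());

  long maxAge = 30 * 60;
  cookie.setMaxAge(maxAge);
  long now = System.currentTimeMillis();
  String encoded = cookie.encode();
  int startPos = encoded.indexOf("Expires=");
  // Make a missing Expires attribute fail here instead of as a parse error below.
  assertTrue(startPos >= 0);
  int endPos = encoded.indexOf(';', startPos);
  String expiresDate = encoded.substring(startPos + 8, endPos);
  Date d = dateTimeFormat.parse(expiresDate);
  // The left side is in milliseconds and maxAge is in seconds, so convert before comparing.
  // The unconverted check was satisfied by any expiry more than 1.8 seconds away. One second
  // of slack covers a formatted date that drops sub-second precision.
  assertTrue(d.getTime() - now >= (maxAge - 1) * 1000L);

  // After Long.MIN_VALUE the expected strings below contain no expiry attribute.
  cookie.setMaxAge(Long.MIN_VALUE);
  cookie.setSecure(true);
  assertEquals("foo=bar; Path=/somepath; Domain=foo.com; Secure", cookie.encode());
  cookie.setHttpOnly(true);
  assertEquals("foo=bar; Path=/somepath; Domain=foo.com; Secure; HTTPOnly", cookie.encode());
}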