Java Code Examples for io.undertow.server.handlers.Cookie#getValue()
The following examples show how to use
io.undertow.server.handlers.Cookie#getValue() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: HttpServerExchange.java From lams with GNU General Public License v2.0 | 6 votes |
|
/**
* Sets a response cookie
*
* @param cookie The cookie
*/
public HttpServerExchange setResponseCookie(final Cookie cookie) {
if(getConnection().getUndertowOptions().get(UndertowOptions.ENABLE_RFC6265_COOKIE_VALIDATION, UndertowOptions.DEFAULT_ENABLE_RFC6265_COOKIE_VALIDATION)) {
if (cookie.getValue() != null && !cookie.getValue().isEmpty()) {
Rfc6265CookieSupport.validateCookieValue(cookie.getValue());
}
if (cookie.getPath() != null && !cookie.getPath().isEmpty()) {
Rfc6265CookieSupport.validatePath(cookie.getPath());
}
if (cookie.getDomain() != null && !cookie.getDomain().isEmpty()) {
Rfc6265CookieSupport.validateDomain(cookie.getDomain());
}
}
if (responseCookies == null) {
responseCookies = new TreeMap<>(); //hashmap is slow to allocate in JDK7
}
responseCookies.put(cookie.getName(), cookie);
return this;
}
Example 2
| Source File: HttpServerExchange.java From quarkus-http with Apache License 2.0 | 6 votes |
|
/**
* Sets a response cookie
*
* @param cookie The cookie
*/
public HttpServerExchange setResponseCookie(final Cookie cookie) {
if (delegate.getUndertowOptions().get(UndertowOptions.ENABLE_RFC6265_COOKIE_VALIDATION, UndertowOptions.DEFAULT_ENABLE_RFC6265_COOKIE_VALIDATION)) {
if (cookie.getValue() != null && !cookie.getValue().isEmpty()) {
Rfc6265CookieSupport.validateCookieValue(cookie.getValue());
}
if (cookie.getPath() != null && !cookie.getPath().isEmpty()) {
Rfc6265CookieSupport.validatePath(cookie.getPath());
}
if (cookie.getDomain() != null && !cookie.getDomain().isEmpty()) {
Rfc6265CookieSupport.validateDomain(cookie.getDomain());
}
}
if (responseCookies == null) {
responseCookies = new TreeMap<>(); //hashmap is slow to allocate in JDK7
}
responseCookies.put(cookie.getName(), cookie);
return this;
}
Example 3
| Source File: SingleSignOnAuthenticationMechanism.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
Cookie cookie = exchange.getRequestCookies().get(cookieName);
if (cookie != null) {
final String ssoId = cookie.getValue();
log.tracef("Found SSO cookie %s", ssoId);
try (SingleSignOn sso = this.singleSignOnManager.findSingleSignOn(ssoId)) {
if (sso != null) {
if(log.isTraceEnabled()) {
log.tracef("SSO session with ID: %s found.", ssoId);
}
Account verified = getIdentityManager(securityContext).verify(sso.getAccount());
if (verified == null) {
if(log.isTraceEnabled()) {
log.tracef("Account not found. Returning 'not attempted' here.");
}
//we return not attempted here to allow other mechanisms to proceed as normal
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
final Session session = getSession(exchange);
registerSessionIfRequired(sso, session);
securityContext.authenticationComplete(verified, sso.getMechanismName(), false);
securityContext.registerNotificationReceiver(new NotificationReceiver() {
@Override
public void handleNotification(SecurityNotification notification) {
if (notification.getEventType() == SecurityNotification.EventType.LOGGED_OUT) {
singleSignOnManager.removeSingleSignOn(sso);
}
}
});
log.tracef("Authenticated account %s using SSO", verified.getPrincipal().getName());
return AuthenticationMechanismOutcome.AUTHENTICATED;
}
}
clearSsoCookie(exchange);
}
exchange.addResponseWrapper(responseListener);
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Example 4
| Source File: InboundCookiesHandler.java From mangooio with Apache License 2.0 | 5 votes |
|
/**
* Retrieves the value of a cookie with a given name from a HttpServerExchange
*
* @param exchange The exchange containing the cookie
* @param cookieName The name of the cookie
*
* @return The value of the cookie or null if none found
*/
private String getCookieValue(HttpServerExchange exchange, String cookieName) {
String value = null;
Map<String, Cookie> requestCookies = exchange.getRequestCookies();
if (requestCookies != null) {
Cookie cookie = exchange.getRequestCookies().get(cookieName);
if (cookie != null) {
value = cookie.getValue();
}
}
return value;
}
Example 5
| Source File: AdminFilter.java From mangooio with Apache License 2.0 | 5 votes |
|
@Override
public Response execute(Request request, Response response) {
Config config = Application.getInstance(Config.class);
Cookie cookie = request.getCookie(Default.ADMIN_COOKIE_NAME.toString());
if (cookie != null) {
String value = cookie.getValue();
if (StringUtils.isNotBlank(value)) {
try {
Paseto paseto = Pasetos.parserBuilder()
.setSharedSecret(config.getApplicationSecret().getBytes(StandardCharsets.UTF_8))
.build()
.parse(value);
LocalDateTime expiration = LocalDateTime.ofInstant(paseto.getClaims().getExpiration(), ZoneOffset.UTC);
if (expiration.isAfter(LocalDateTime.now())) {
if (paseto.getClaims().containsKey("twofactor") && paseto.getClaims().get("twofactor", Boolean.class)) {
return Response.withRedirect("/@admin/twofactor").andEndResponse();
}
return response;
}
} catch (PasetoException e) {
//NOSONAR Ignore catch
}
}
}
return Response.withRedirect("/@admin/login").andEndResponse();
}
Example 6
| Source File: JvmRouteHandler.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public StreamSinkConduit wrap(ConduitFactory<StreamSinkConduit> factory, HttpServerExchange exchange) {
Map<String, Cookie> cookies = exchange.getResponseCookiesInternal();
if (cookies != null) {
Cookie sessionId = cookies.get(sessionCookieName);
if (sessionId != null) {
StringBuilder sb = new StringBuilder(sessionId.getValue());
sb.append('.');
sb.append(jvmRoute);
sessionId.setValue(sb.toString());
}
}
return factory.create();
}
Example 7
| Source File: SessionCookieConfig.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public String findSessionId(final HttpServerExchange exchange) {
Map<String, Cookie> cookies = exchange.getRequestCookies();
if (cookies != null) {
Cookie sessionId = cookies.get(cookieName);
if (sessionId != null) {
UndertowLogger.SESSION_LOGGER.tracef("Found session cookie session id %s on %s", sessionId, exchange);
return sessionId.getValue();
}
}
return null;
}
Example 8
| Source File: CookieAttribute.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public String readAttribute(final HttpServerExchange exchange) {
Cookie cookie = exchange.getRequestCookies().get(cookieName);
if (cookie == null) {
return null;
}
return cookie.getValue();
}
Example 9
| Source File: GenericHeaderAuthenticationMechanism.java From lams with GNU General Public License v2.0 | 5 votes |
|
private String getSession(HttpServerExchange exchange) {
for(String header : sessionCookieNames) {
Cookie cookie = exchange.getRequestCookies().get(header);
if(cookie != null) {
return cookie.getValue();
}
}
return null;
}
Example 10
| Source File: UndertowServerHttpRequest.java From spring-analysis-note with MIT License | 5 votes |
|
@Override
protected MultiValueMap<String, HttpCookie> initCookies() {
MultiValueMap<String, HttpCookie> cookies = new LinkedMultiValueMap<>();
for (String name : this.exchange.getRequestCookies().keySet()) {
Cookie cookie = this.exchange.getRequestCookies().get(name);
HttpCookie httpCookie = new HttpCookie(name, cookie.getValue());
cookies.add(name, httpCookie);
}
return cookies;
}
Example 11
| Source File: UndertowServerHttpRequest.java From java-technology-stack with MIT License | 5 votes |
|
@Override
protected MultiValueMap<String, HttpCookie> initCookies() {
MultiValueMap<String, HttpCookie> cookies = new LinkedMultiValueMap<>();
for (String name : this.exchange.getRequestCookies().keySet()) {
Cookie cookie = this.exchange.getRequestCookies().get(name);
HttpCookie httpCookie = new HttpCookie(name, cookie.getValue());
cookies.add(name, httpCookie);
}
return cookies;
}
Example 12
| Source File: JvmRouteHandler.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public void beforeCommit(HttpServerExchange exchange) {
Map<String, Cookie> cookies = exchange.getResponseCookiesInternal();
if (cookies != null) {
Cookie sessionId = cookies.get(sessionCookieName);
if (sessionId != null) {
StringBuilder sb = new StringBuilder(sessionId.getValue());
sb.append('.');
sb.append(jvmRoute);
sessionId.setValue(sb.toString());
}
}
}
Example 13
| Source File: SessionCookieConfig.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public String findSessionId(final HttpServerExchange exchange) {
Map<String, Cookie> cookies = exchange.getRequestCookies();
if (cookies != null) {
Cookie sessionId = cookies.get(cookieName);
if (sessionId != null) {
UndertowLogger.SESSION_LOGGER.tracef("Found session cookie session id %s on %s", sessionId, exchange);
return sessionId.getValue();
}
}
return null;
}
Example 14
| Source File: CookieAttribute.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public String readAttribute(final HttpServerExchange exchange) {
Cookie cookie = exchange.getRequestCookies().get(cookieName);
if (cookie == null) {
return null;
}
return cookie.getValue();
}
Example 15
| Source File: GenericHeaderAuthenticationMechanism.java From quarkus-http with Apache License 2.0 | 5 votes |
|
private String getSession(HttpServerExchange exchange) {
for (String header : sessionCookieNames) {
Cookie cookie = exchange.getRequestCookies().get(header);
if (cookie != null) {
return cookie.getValue();
}
}
return null;
}
Example 16
| Source File: SingleSignOnAuthenticationMechanism.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
Cookie cookie = exchange.getRequestCookies().get(cookieName);
if (cookie != null) {
final String ssoId = cookie.getValue();
log.tracef("Found SSO cookie %s", ssoId);
try (SingleSignOn sso = this.singleSignOnManager.findSingleSignOn(ssoId)) {
if (sso != null) {
if (log.isTraceEnabled()) {
log.tracef("SSO session with ID: %s found.", ssoId);
}
Account verified = getIdentityManager(securityContext).verify(sso.getAccount());
if (verified == null) {
if (log.isTraceEnabled()) {
log.tracef("Account not found. Returning 'not attempted' here.");
}
//we return not attempted here to allow other mechanisms to proceed as normal
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
final Session session = getSession(exchange);
registerSessionIfRequired(sso, session);
securityContext.authenticationComplete(verified, sso.getMechanismName(), false);
securityContext.registerNotificationReceiver(new NotificationReceiver() {
@Override
public void handleNotification(SecurityNotification notification) {
if (notification.getEventType() == SecurityNotification.EventType.LOGGED_OUT) {
singleSignOnManager.removeSingleSignOn(sso);
}
}
});
log.tracef("Authenticated account %s using SSO", verified.getPrincipal().getName());
return AuthenticationMechanismOutcome.AUTHENTICATED;
}
}
clearSsoCookie(exchange);
}
exchange.addResponseCommitListener(responseListener);
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Example 17
| Source File: LegacyCookieSupport.java From quarkus-http with Apache License 2.0 | 4 votes |
|
public static int adjustedCookieVersion(Cookie cookie) {
/*
* The spec allows some latitude on when to send the version attribute
* with a Set-Cookie header. To be nice to clients, we'll make sure the
* version attribute is first. That means checking the various things
* that can cause us to switch to a v1 cookie first.
*_
* Note that by checking for tokens we will also throw an exception if a
* control character is encountered.
*/
int version = cookie.getVersion();
String value = cookie.getValue();
String path = cookie.getPath();
String domain = cookie.getDomain();
String comment = cookie.getComment();
// If it is v0, check if we need to switch
if (version == 0 &&
(!ALLOW_HTTP_SEPARATORS_IN_V0 && isHttpToken(value) ||
ALLOW_HTTP_SEPARATORS_IN_V0 && isV0Token(value))) {
// HTTP token in value - need to use v1
version = 1;
}
if (version == 0 && comment != null) {
// Using a comment makes it a v1 cookie
version = 1;
}
if (version == 0 &&
(!ALLOW_HTTP_SEPARATORS_IN_V0 && isHttpToken(path) ||
ALLOW_HTTP_SEPARATORS_IN_V0 && isV0Token(path))) {
// HTTP token in path - need to use v1
version = 1;
}
if (version == 0 &&
(!ALLOW_HTTP_SEPARATORS_IN_V0 && isHttpToken(domain) ||
ALLOW_HTTP_SEPARATORS_IN_V0 && isV0Token(domain))) {
// HTTP token in domain - need to use v1
version = 1;
}
return version;
}
Example 18
| Source File: LegacyCookieSupport.java From lams with GNU General Public License v2.0 | 4 votes |
|
public static int adjustedCookieVersion(Cookie cookie) {
/*
* The spec allows some latitude on when to send the version attribute
* with a Set-Cookie header. To be nice to clients, we'll make sure the
* version attribute is first. That means checking the various things
* that can cause us to switch to a v1 cookie first.
*_
* Note that by checking for tokens we will also throw an exception if a
* control character is encountered.
*/
int version = cookie.getVersion();
String value = cookie.getValue();
String path = cookie.getPath();
String domain = cookie.getDomain();
String comment = cookie.getComment();
// If it is v0, check if we need to switch
if (version == 0 &&
(!ALLOW_HTTP_SEPARATORS_IN_V0 && isHttpToken(value) ||
ALLOW_HTTP_SEPARATORS_IN_V0 && isV0Token(value))) {
// HTTP token in value - need to use v1
version = 1;
}
if (version == 0 && comment != null) {
// Using a comment makes it a v1 cookie
version = 1;
}
if (version == 0 &&
(!ALLOW_HTTP_SEPARATORS_IN_V0 && isHttpToken(path) ||
ALLOW_HTTP_SEPARATORS_IN_V0 && isV0Token(path))) {
// HTTP token in path - need to use v1
version = 1;
}
if (version == 0 &&
(!ALLOW_HTTP_SEPARATORS_IN_V0 && isHttpToken(domain) ||
ALLOW_HTTP_SEPARATORS_IN_V0 && isV0Token(domain))) {
// HTTP token in domain - need to use v1
version = 1;
}
return version;
}
Example 19
| Source File: JWTAuthMechanism.java From thorntail with Apache License 2.0 | 4 votes |
|
@Override
protected String getCookieValue(String cookieName) {
Cookie cookie = httpExchange.getRequestCookies().get(cookieName);
return cookie != null ? cookie.getValue() : null;
}
