Java Code Examples for io.vertx.ext.web.RoutingContext#addCookie()
The following examples show how to use
io.vertx.ext.web.RoutingContext#addCookie() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: CSRFHandlerImpl.java From vertx-web with Apache License 2.0 | 6 votes |
|
private String generateAndStoreToken(RoutingContext ctx) {
byte[] salt = new byte[32];
random.nextBytes(salt);
String saltPlusToken = BASE64.encodeToString(salt) + "." + System.currentTimeMillis();
String signature = BASE64.encodeToString(mac.doFinal(saltPlusToken.getBytes()));
final String token = saltPlusToken + "." + signature;
// a new token was generated add it to the cookie
ctx.addCookie(
Cookie.cookie(cookieName, token)
.setPath(cookiePath)
.setHttpOnly(httpOnly)
// it's not an option to change the same site policy
.setSameSite(CookieSameSite.STRICT));
return token;
}
Example 2
| Source File: PersistentLoginManager.java From quarkus with Apache License 2.0 | 5 votes |
|
public void save(SecurityIdentity identity, RoutingContext context, RestoreResult restoreResult) {
if (restoreResult != null) {
if (!restoreResult.newCookieNeeded) {
return;
}
}
try {
Cipher cipher = Cipher.getInstance(ENC_ALGORITHM);
byte[] iv = new byte[12];
secureRandom.nextBytes(iv);
cipher.init(Cipher.ENCRYPT_MODE, secretKey, new GCMParameterSpec(ENC_TAG_LENGTH, iv));
StringBuilder contents = new StringBuilder();
long timeout = System.currentTimeMillis() + timeoutMillis;
log.debugf("The new cookie will expire at %s", new Date(timeout).toString());
contents.append(timeout);
contents.append(":");
contents.append(identity.getPrincipal().getName());
byte[] encrypted = cipher.doFinal(contents.toString().getBytes(StandardCharsets.UTF_8));
ByteBuffer message = ByteBuffer.allocate(1 + iv.length + encrypted.length);
message.put((byte) iv.length);
message.put(iv);
message.put(encrypted);
String cookieValue = Base64.getEncoder().encodeToString(message.array());
context.addCookie(Cookie.cookie(cookieName, cookieValue).setPath("/"));
} catch (Exception e) {
throw new RuntimeException(e);
}
}
Example 3
| Source File: SessionHandlerImpl.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
|
private void createNewSession(RoutingContext context) {
Session session = sessionStore.createSession(sessionTimeout, minLength);
context.setSession(session);
Cookie cookie = Cookie.cookie(sessionCookieName, session.value());
cookie.setPath(sessionCookiePath);
cookie.setSecure(sessionCookieSecure);
cookie.setHttpOnly(sessionCookieHttpOnly);
// Don't set max age - it's a session cookie
context.addCookie(cookie);
// only store the user if there's a auth provider
addStoreSessionHandler(context, authProvider != null);
}
Example 4
| Source File: SessionHandlerImpl.java From vertx-web with Apache License 2.0 | 5 votes |
|
private Cookie sessionCookie(final RoutingContext context, final Session session) {
Cookie cookie = context.getCookie(sessionCookieName);
if (cookie != null) {
return cookie;
}
cookie = Cookie.cookie(sessionCookieName, session.value());
cookie.setPath(sessionCookiePath);
cookie.setSecure(sessionCookieSecure);
cookie.setHttpOnly(sessionCookieHttpOnly);
cookie.setSameSite(cookieSameSite);
// Don't set max age - it's a session cookie
context.addCookie(cookie);
return cookie;
}
Example 5
| Source File: CookieTestController.java From nubes with Apache License 2.0 | 4 votes |
|
@GET("setCookie")
@Cookies
public void setCookie(RoutingContext context) {
context.addCookie(Cookie.cookie("dog", "Rantanplan"));
context.response().end();
}
