下面列出了javax.ws.rs.core.NewCookie#DEFAULT_MAX_AGE 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
NewCookie createLoginCookie(HttpServletRequest req, SSOPrincipal principal) {
String token = principal.getTokenStr();
// if expires is negative, it means the cookie must be transient
int expires = (principal.getExpires() <= -1)
? NewCookie.DEFAULT_MAX_AGE
: (int) ((principal.getExpires() - getTimeNow()) / 1000);
NewCookie authCookie = new NewCookie(
HttpUtils.getLoginCookieName(),
token,
"/",
null,
null,
expires,
(req.isSecure() || secureLoadBalancer)
);
return authCookie;
}
public static void createLoginCookie(KeycloakSession keycloakSession, RealmModel realm, UserModel user, UserSessionModel session, UriInfo uriInfo, ClientConnection connection) {
String cookiePath = getIdentityCookiePath(realm, uriInfo);
String issuer = Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName());
IdentityCookieToken identityCookieToken = createIdentityToken(keycloakSession, realm, user, session, issuer);
String encoded = keycloakSession.tokens().encode(identityCookieToken);
boolean secureOnly = realm.getSslRequired().isRequired(connection);
int maxAge = NewCookie.DEFAULT_MAX_AGE;
if (session != null && session.isRememberMe()) {
maxAge = realm.getSsoSessionMaxLifespanRememberMe() > 0 ? realm.getSsoSessionMaxLifespanRememberMe() : realm.getSsoSessionMaxLifespan();
}
logger.debugv("Create login cookie - name: {0}, path: {1}, max-age: {2}", KEYCLOAK_IDENTITY_COOKIE, cookiePath, maxAge);
CookieHelper.addCookie(KEYCLOAK_IDENTITY_COOKIE, encoded, cookiePath, null, null, maxAge, secureOnly, true, SameSiteAttributeValue.NONE);
//builder.cookie(new NewCookie(cookieName, encoded, cookiePath, null, null, maxAge, secureOnly));// todo httponly , true);
String sessionCookieValue = realm.getName() + "/" + user.getId();
if (session != null) {
sessionCookieValue += "/" + session.getId();
}
// THIS SHOULD NOT BE A HTTPONLY COOKIE! It is used for OpenID Connect Iframe Session support!
// Max age should be set to the max lifespan of the session as it's used to invalidate old-sessions on re-login
int sessionCookieMaxAge = session.isRememberMe() && realm.getSsoSessionMaxLifespanRememberMe() > 0 ? realm.getSsoSessionMaxLifespanRememberMe() : realm.getSsoSessionMaxLifespan();
CookieHelper.addCookie(KEYCLOAK_SESSION_COOKIE, sessionCookieValue, cookiePath, null, null, sessionCookieMaxAge, secureOnly, false, SameSiteAttributeValue.NONE);
P3PHelper.addP3PHeader();
}
private NewCookie createAuthenticationCookie(String userName, boolean secure)
{
String jwt = jwtGenerator.apply(userName);
return new NewCookie(
PRESTO_UI_COOKIE,
jwt,
"/ui",
null,
Cookie.DEFAULT_VERSION,
null,
NewCookie.DEFAULT_MAX_AGE,
null,
secure,
true);
}
@Override
public String toString(Cookie cookie) {
StringBuilder sb = new StringBuilder();
if (cookie.getVersion() != Cookie.DEFAULT_VERSION) {
sb.append(VERSION).append('=').append(cookie.getVersion()).append(';');
}
sb.append(cookie.getName()).append('=').append(cookie.getValue());
if (cookie.getPath() != null) {
sb.append(';').append(PATH).append('=').append(cookie.getPath());
}
if (cookie.getDomain() != null) {
sb.append(';').append(DOMAIN).append('=').append(cookie.getDomain());
}
if (cookie instanceof NewCookie) {
NewCookie newCookie = (NewCookie) cookie;
if (newCookie.getMaxAge() != NewCookie.DEFAULT_MAX_AGE) {
sb.append(';').append(MAX_AGE).append('=').append(newCookie.getMaxAge());
}
if (newCookie.getComment() != null) {
sb.append(';').append(COMMENT).append('=').append(newCookie.getComment());
}
if (newCookie.getExpiry() != null) {
//All HTTP date/time stamps MUST be represented in Greenwich Mean Time (GMT)
dateFormat.setTimeZone(TimeZone.getTimeZone(GMT_TIMEZONE));
sb.append(';').append(EXPIRES).append('=').append(dateFormat.format(newCookie.getExpiry()));
}
if (newCookie.isSecure()) {
sb.append(';').append(SECURE);
}
if (newCookie.isHttpOnly()) {
sb.append(';').append(HTTP_ONLY);
}
}
return sb.toString();
}
@Override
public Cookie fromString(String cookieValue) {
if (cookieValue == null) {
throw new IllegalArgumentException("Cookie value can not be null");
}
int version = NewCookie.DEFAULT_VERSION;
int maxAge = NewCookie.DEFAULT_MAX_AGE;
String name = null;
String value = null;
String path = null;
String domain = null;
String comment = null;
Date expiry = null;
boolean secure = false;
boolean httpOnly = false;
String[] parts = cookieValue.split(";");
for (String part : parts) {
String token = part.trim();
if (token.startsWith(VERSION)) {
version = Integer.parseInt(token.substring(VERSION.length() + 1));
} else if (token.startsWith(PATH)) {
path = token.substring(PATH.length() + 1);
} else if (token.startsWith(DOMAIN)) {
domain = token.substring(DOMAIN.length() + 1);
} else if (token.startsWith(SECURE)) {
secure = Boolean.TRUE;
} else if (token.startsWith(HTTP_ONLY)) {
httpOnly = Boolean.TRUE;
} else if (token.startsWith(COMMENT)) {
comment = token.substring(COMMENT.length() + 1);
} else if (token.startsWith(MAX_AGE)) {
maxAge = Integer.parseInt(token.substring(MAX_AGE.length() + 1));
} else if (token.startsWith(EXPIRES)) {
try {
//All HTTP date/time stamps MUST be represented in Greenwich Mean Time (GMT)
dateFormat.setTimeZone(TimeZone.getTimeZone(GMT_TIMEZONE));
expiry = dateFormat.parse(token.substring(EXPIRES.length() + 1));
} catch (ParseException e) {
log.error("Error while parsing the Date value. Hence return null", e);
}
} else {
int i = token.indexOf('=');
if (i != -1) {
name = token.substring(0, i);
value = i == token.length() + 1 ? "" : token.substring(i + 1);
}
}
}
if (name == null) {
throw new IllegalArgumentException("Cookie is malformed : " + cookieValue);
}
return new NewCookie(name, value, path, domain, version, comment, maxAge, expiry, secure, httpOnly);
}
public NewCookie fromString(String c) {
if (c == null) {
throw new IllegalArgumentException("SetCookie value can not be null");
}
String name = null;
String value = null;
String path = null;
String domain = null;
String comment = null;
int maxAge = NewCookie.DEFAULT_MAX_AGE;
boolean isSecure = false;
Date expires = null;
boolean httpOnly = false;
int version = Cookie.DEFAULT_VERSION;
String[] tokens = c.split(";");
for (String token : tokens) {
String theToken = token.trim();
int sepIndex = theToken.indexOf('=');
String paramName = sepIndex != -1 ? theToken.substring(0, sepIndex) : theToken;
String paramValue = null;
if (sepIndex == theToken.length() - 1) {
paramValue = "";
} else if (sepIndex != -1) {
paramValue = theToken.substring(sepIndex + 1);
}
if (paramValue != null) {
paramValue = stripQuotes(paramValue);
}
if (paramName.equalsIgnoreCase(MAX_AGE)) {
maxAge = Integer.parseInt(paramValue);
} else if (paramName.equalsIgnoreCase(PATH)) {
path = paramValue;
} else if (paramName.equalsIgnoreCase(DOMAIN)) {
domain = paramValue;
} else if (paramName.equalsIgnoreCase(COMMENT)) {
comment = paramValue;
} else if (paramName.equalsIgnoreCase(SECURE)) {
isSecure = true;
} else if (paramName.equalsIgnoreCase(EXPIRES)) {
expires = HttpUtils.getHttpDate(paramValue);
} else if (paramName.equalsIgnoreCase(HTTP_ONLY)) {
httpOnly = true;
} else if (paramName.equalsIgnoreCase(VERSION)) {
version = Integer.parseInt(paramValue);
} else if (paramValue != null) {
name = paramName;
value = paramValue;
}
}
if (name == null || value == null) {
throw new IllegalArgumentException("Set-Cookie is malformed : " + c);
}
return new NewCookie(name, value, path, domain, version, comment, maxAge, expires, isSecure, httpOnly);
}
/**
* Creates a session cookie
*
* @param session
* @return
*/
private NewCookie createSessionCookie(Session session) {
return new NewCookie(AUTH_COOKIE, session.getId(), "/", null, null, NewCookie.DEFAULT_MAX_AGE, false);
}