com.alfaariss.oa.util.web.CookieTool.java Source code


Introduction

Here is the source code for com.alfaariss.oa.util.web.CookieTool.java

Source

/*
 * Asimba Server
 * 
 * Copyright (C) 2012 Asimba
 * Copyright (C) 2007-2009 Alfa & Ariss B.V.
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see www.gnu.org/licenses
 * 
 * Asimba - Serious Open Source SSO - More information on www.asimba.org
 * 
 */
package com.alfaariss.oa.util.web;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.SystemErrors;
import com.alfaariss.oa.api.configuration.IConfigurationManager;

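/**
 * Cookie support functionality: creates, reads and expires cookies using the
 * optional <code>cookie</code> configuration section (domain, version, secure).
 * <p>
 * Security-relevant defaults visible in this class: the <code>Secure</code> flag is
 * only set when the configuration contains <code>secure=true</code>, and the
 * <code>HttpOnly</code> flag is never set here.
 * 
 * @author MHO
 * @author Alfa & Ariss
 * @since 1.4
 */
public class CookieTool {
    private final Log _logger;

    /** Configured Cookie Secure */
    private boolean _bSecureCookie;
    /** Configured Cookie Domain */
    private String _sCookieDomain;
    /** Configured Cookie Version */
    private int _iCookieVersion;

    /**
     * Constructor. 
     * @param configurationManager The configuration manager
     * @param config The cookie configuration
     * @throws OAException If the cookie configuration contains an invalid value.
     */
    public CookieTool(IConfigurationManager configurationManager, Element config) throws OAException {
        _logger = LogFactory.getLog(CookieTool.class);

        // Defaults used when the optional configuration items are absent:
        // not secure, no explicit domain, container default cookie version.
        _bSecureCookie = false;
        _sCookieDomain = null;
        _iCookieVersion = -1;

        readCookieConfiguration(configurationManager, config);
    }

    /* 
    *<pre>
    *               .---. .---. 
    *              :     : o   :    Me Lost Me Cookie At The Disco!
    *          _..-:   o :     :-.._    /
    *      .-''  '  `---' `---' "   ``-.    
    *    .'   "   '  "  .    "  . '  "  `.  
    *   :   '.---.,,.,...,.,.,.,..---.  ' ;
    *   `. " `.                     .' " .'
    *    `.  '`.                   .' ' .'
    *     `.    `-._           _.-' "  .'  .----.
    *       `. "    '"--...--"'  . ' .'  .'  o   `.
    *       .'`-._'    " .     " _.-'`. :       o  :
    *     .'      ```--.....--'''    ' `:_ o       :
    *   .'    "     '         "     "   ; `.;";";";'
    *  ;         '       "       '     . ; .' ; ; ;
    * ;     '         '       '   "    .'      .-'
    * '  "     "   '      "           "    _.-'
    *
    *</pre>
    */
    /**
     * Create a cookie scoped to the application context path.
     * @param sCookie The cookie name.
     * @param sValue The cookie value.
     * @param oRequest The Servlet request.
     * @return The created cookie.
     */
    public Cookie createCookie(String sCookie, String sValue, HttpServletRequest oRequest) {
        return createCookie(sCookie, sValue, null, oRequest);
    }

    /**
     * Create a cookie scoped to the application context path, optionally narrowed
     * by an extra path below that context.
     * <p>
     * The cookie is only created, not added to a response. The configured domain,
     * version and secure flag are applied. The arguments are checked with
     * <code>assert</code> only, so the checks are inactive unless assertions are
     * enabled.
     * 
     * @param sCookie The cookie name.
     * @param sValue The cookie value.
     * @param sExtraContext Optional path below the context path; a leading '/' is
     *  added when missing. May be <code>null</code>.
     * @param oRequest The Servlet request, used to resolve the context path.
     * @return The created cookie.
     */
    public Cookie createCookie(String sCookie, String sValue, String sExtraContext, HttpServletRequest oRequest) {
        assert sValue != null : "Supplied value == null";
        assert oRequest != null : "Supplied request == null";

        Cookie cookie = new Cookie(sCookie, sValue);
        if (_sCookieDomain != null) {
            cookie.setDomain(_sCookieDomain);
            _logger.debug("Created domain cookie on " + _sCookieDomain);
        }

        if (_iCookieVersion != -1) {
            cookie.setVersion(_iCookieVersion);
            _logger.debug("Setting cookie version: " + _iCookieVersion);
        }

        // Normalize the extra context: null means "none", anything else gets a leading '/'.
        String sContext;
        if (sExtraContext == null) {
            sContext = "";
        } else if (sExtraContext.startsWith("/")) {
            sContext = sExtraContext;
        } else {
            sContext = "/" + sExtraContext;
        }

        String sContextPath = oRequest.getContextPath();
        String sPath;
        if (sContextPath != null && sContextPath.length() > 0) {
            // Hosted below a context path, e.g. /openaselect
            sPath = sContextPath + sContext;
        } else if (sContext.length() > 0) {
            // Hosted as server root: the normalized extra context already starts with
            // '/', so prefixing another '/' would yield a path such as "//sso" that
            // never matches the request path and the cookie would not be sent back.
            sPath = sContext;
        } else {
            // Hosted as server root without extra context: use '/' instead of the
            // default path (which is for the sso cookie: /openaselect/sso).
            sPath = "/";
        }
        cookie.setPath(sPath);

        // The Secure flag follows configuration and defaults to false, in which case
        // the cookie is also sent over plain HTTP.
        cookie.setSecure(_bSecureCookie);
        // NOTE(review): HttpOnly is not set anywhere in this class. If the servlet API
        // in use is 3.0 or later, consider cookie.setHttpOnly(true) for cookies that
        // carry session or SSO identifiers - confirm no client-side script reads them.

        _logger.debug("Created '" + sCookie + "' on path=" + cookie.getPath());

        return cookie;
    }

    /**
     * Returns the cookie value.
     * <p>
     * When the request carries several cookies with the same name, the value of the
     * last one in the request's cookie array is returned. A pair of double quotes
     * surrounding the value is removed. The value is supplied by the client and
     * must be treated as untrusted by the caller.
     * 
     * @param sCookie The cookie name.
     * @param oRequest The servlet request.
     * @return The cookie value or NULL if not available.
     */
    public String getCookieValue(String sCookie, HttpServletRequest oRequest) {
        assert oRequest != null : "Supplied request == null";

        Cookie[] cookies = oRequest.getCookies();
        if (cookies == null) {
            return null; // request carries no cookies
        }

        String sValue = null;
        for (Cookie cookie : cookies) {
            if (!cookie.getName().equals(sCookie)) {
                continue;
            }

            sValue = cookie.getValue();
            // Remove '"' surrounding the cookie value if applicable. The length check
            // keeps an empty value or a lone '"' sent by the client from causing a
            // StringIndexOutOfBoundsException.
            if (sValue != null) {
                int iLength = sValue.length();
                if (iLength >= 2 && sValue.charAt(0) == '"' && sValue.charAt(iLength - 1) == '"') {
                    sValue = sValue.substring(1, iLength - 1);
                }
            }
        }
        return sValue;
    }

    /**
     * Remove cookie by adding an expired replacement to the response.
     * <p>
     * The replacement is created without extra context, so it only replaces a cookie
     * that was set on the context path itself; a cookie created with an extra
     * context has a different path and is not removed by this method.
     * 
     * @param sCookie The cookie name.
     * @param oRequest The servlet request.
     * @param oResponse The servlet response.
     */
    public void removeCookie(String sCookie, HttpServletRequest oRequest, HttpServletResponse oResponse) {
        // The value is a placeholder; the cookie expires immediately.
        Cookie cookie = createCookie(sCookie, "jimmorrisonisstillalive", oRequest);
        cookie.setMaxAge(0); //Expire
        oResponse.addCookie(cookie);
    }

    /**
     * Read the optional cookie configuration (items: domain, version, secure).
     * 
     * @param configurationManager The configuration manager
     * @param eConfig The configuration section that may contain a 'cookie' section
     * @throws OAException If 'version' is not a number >= 0 or 'secure' is neither
     *  'true' nor 'false'.
     */
    private void readCookieConfiguration(IConfigurationManager configurationManager, Element eConfig)
            throws OAException {
        assert eConfig != null : "Supplied config == null";

        Element eCookie = configurationManager.getSection(eConfig, "cookie");
        if (eCookie == null) {
            _bSecureCookie = false;
            _sCookieDomain = null;
            _logger.info("No cookie configuration found, using defaults: no domain, secure not forced");
            return;
        }

        String sDomain = configurationManager.getParam(eCookie, "domain");
        if (sDomain != null && sDomain.length() > 0) {
            _sCookieDomain = sDomain;
            _logger.info("The following cookie domain will be used for setting SSO cookies: " + _sCookieDomain);
        } else {
            _sCookieDomain = null;
            _logger.info("No specific cookie domain configuration found");
        }

        String sVersion = configurationManager.getParam(eCookie, "version");
        if (sVersion != null) {
            try {
                _iCookieVersion = Integer.parseInt(sVersion);
            } catch (NumberFormatException e) {
                _logger.error("Invalid value for 'version' item found in configuration (must be a number): "
                        + sVersion, e);
                throw new OAException(SystemErrors.ERROR_CONFIG_READ);
            }

            if (_iCookieVersion < 0) {
                _logger.error(
                        "Invalid value for 'version' item found in configuration (must be >= 0): " + sVersion);
                throw new OAException(SystemErrors.ERROR_CONFIG_READ);
            }

            _logger.info("Using cookie version: " + _iCookieVersion);
        }

        // 'secure' is opt-in: when the item is absent the Secure flag stays off.
        // Any value other than true/false is rejected instead of being read as false.
        _bSecureCookie = false;
        String sSecure = configurationManager.getParam(eCookie, "secure");
        if (sSecure != null) {
            if ("true".equalsIgnoreCase(sSecure)) {
                _bSecureCookie = true;
            } else if (!"false".equalsIgnoreCase(sSecure)) {
                _logger.error("Invalid value for 'secure' item found in configuration: " + sSecure);
                throw new OAException(SystemErrors.ERROR_CONFIG_READ);
            }
        }

        _logger.info("Optional 'secure' item is configured with value: " + _bSecureCookie);
    }
}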