Package org.apache.nifi.web.security.cookie

Class StandardApplicationCookieService

java.lang.Object
org.apache.nifi.web.security.cookie.StandardApplicationCookieService
All Implemented Interfaces:
ApplicationCookieService
Direct Known Subclasses:
StandardCookieCsrfTokenRepository.CsrfApplicationCookieService
public class StandardApplicationCookieService extends Object implements ApplicationCookieService
Standard implementation of Application Cookie Service using Spring Framework utilities

  • Field Details

    • MAX_AGE_SESSION

      private static final Duration MAX_AGE_SESSION

    • MAX_AGE_REMOVE

      private static final Duration MAX_AGE_REMOVE

    • MAX_AGE_STANDARD

      private static final Duration MAX_AGE_STANDARD

    • DEFAULT_PATH

      private static final String DEFAULT_PATH
      See Also:

    • SECURE_ENABLED

      private static final boolean SECURE_ENABLED
      See Also:

    • HTTP_ONLY_ENABLED

      private static final boolean HTTP_ONLY_ENABLED
      See Also:

    • logger

      private static final org.slf4j.Logger logger

  • Constructor Details

    • StandardApplicationCookieService

      public StandardApplicationCookieService()

  • Method Details

    • addCookie

      public void addCookie(URI resourceUri, jakarta.servlet.http.HttpServletResponse response, ApplicationCookieName applicationCookieName, String value)
      Generate cookie with specified value
      Specified by:
      addCookie in interface ApplicationCookieService
      Parameters:
      resourceUri - Resource URI containing path and domain
      response - HTTP Servlet Response
      applicationCookieName - Application Cookie Name to be added
      value - Cookie value to be added

    • addSessionCookie

      public void addSessionCookie(URI resourceUri, jakarta.servlet.http.HttpServletResponse response, ApplicationCookieName applicationCookieName, String value)
      Generate cookie with session-based expiration and specified value as well as SameSite Strict property
      Specified by:
      addSessionCookie in interface ApplicationCookieService
      Parameters:
      resourceUri - Resource URI containing path and domain
      response - HTTP Servlet Response
      applicationCookieName - Application Cookie Name
      value - Cookie value to be added

    • getCookieValue

      public Optional<String> getCookieValue(jakarta.servlet.http.HttpServletRequest request, ApplicationCookieName applicationCookieName)
      Get cookie value using specified name
      Specified by:
      getCookieValue in interface ApplicationCookieService
      Parameters:
      request - HTTP Servlet Response
      applicationCookieName - Application Cookie Name to be retrieved
      Returns:
      Optional Cookie Value

    • removeCookie

      public void removeCookie(URI resourceUri, jakarta.servlet.http.HttpServletResponse response, ApplicationCookieName applicationCookieName)
      Generate cookie with an empty value instructing the client to remove the cookie with a maximum age of 60 seconds
      Specified by:
      removeCookie in interface ApplicationCookieService
      Parameters:
      resourceUri - Resource URI containing path and domain
      response - HTTP Servlet Response
      applicationCookieName - Application Cookie Name to be removed

    • getCookieBuilder

      protected org.springframework.http.ResponseCookie.ResponseCookieBuilder getCookieBuilder(URI resourceUri, ApplicationCookieName applicationCookieName, String value, Duration maxAge)
      Get Response Cookie Builder with standard properties
      Parameters:
      resourceUri - Resource URI containing path and domain
      applicationCookieName - Application Cookie Name to be used
      value - Cookie value
      maxAge - Max Age
      Returns:
      Response Cookie Builder

    • setResponseCookie

      private void setResponseCookie(jakarta.servlet.http.HttpServletResponse response, org.springframework.http.ResponseCookie responseCookie)

    • getCookiePath

      private String getCookiePath(URI resourceUri)