All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.graylog2.rest.resources.system.CookieFactory Maven / Gradle / Ivy

There is a newer version: 6.1.4
Show newest version
/*
 * Copyright (C) 2020 Graylog, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the Server Side Public License, version 1,
 * as published by MongoDB, Inc.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * Server Side Public License for more details.
 *
 * You should have received a copy of the Server Side Public License
 * along with this program. If not, see
 * .
 */
package org.graylog2.rest.resources.system;

import com.google.common.base.Strings;
import org.graylog2.configuration.HttpConfiguration;
import org.graylog2.rest.models.system.sessions.responses.SessionResponse;

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.NewCookie;
import java.net.URI;
import java.util.Date;
import java.util.Optional;

public class CookieFactory {
    private static final String HEADER_ORIGIN = "Origin";
    private static final String HEADER_X_FORWARDED_PROTO = "X-Forwarded-Proto";

    NewCookie createAuthenticationCookie(SessionResponse token, ContainerRequestContext requestContext) {
        return makeCookie(token.getAuthenticationToken(), token.validUntil(), requestContext);
    }

    NewCookie deleteAuthenticationCookie(ContainerRequestContext requestContext) {
        return makeCookie("", new Date(), requestContext);
    }

    private NewCookie makeCookie(String value, Date validUntil, ContainerRequestContext requestContext) {
        final Date now = new Date();
        final int maxAge = Long.valueOf((validUntil.getTime() - now.getTime()) / 1000).intValue();

        final URI baseUri = baseUriFromRequest(requestContext);
        final String basePath = Optional.ofNullable(Strings.emptyToNull(baseUri.getPath())).orElse("/");

        final boolean isSecure = schemeFromRequest(requestContext)
                .map(scheme -> scheme.equalsIgnoreCase("https"))
                .orElse(false);

        return new NewCookie("authentication",
                value,
                basePath,
                null,
                Cookie.DEFAULT_VERSION,
                "Authentication Cookie",
                maxAge,
                validUntil,
                isSecure,
                true);
    }

    private Optional schemeFromRequest(ContainerRequestContext requestContext) {
        final Optional graylogUrlFromHeader = uriFromHeader(requestContext, HttpConfiguration.OVERRIDE_HEADER);

        if (graylogUrlFromHeader.isPresent()) {
            return graylogUrlFromHeader.map(URI::getScheme);
        }

        final Optional xForwardedProtoHeader = Optional.ofNullable(requestContext.getHeaderString(HEADER_X_FORWARDED_PROTO))
                .filter(header -> !Strings.isNullOrEmpty(header));

        if (xForwardedProtoHeader.isPresent()) {
            return xForwardedProtoHeader;
        }

        final Optional origin = uriFromHeader(requestContext, HEADER_ORIGIN);

        return origin.map(URI::getScheme);
    }

    private Optional uriFromHeader(ContainerRequestContext requestContext, String headerName) {
        return Optional.ofNullable(requestContext.getHeaderString(headerName))
                .filter(header -> !Strings.isNullOrEmpty(header))
                .flatMap(this::safeCreateUri);
    }

    private URI baseUriFromRequest(ContainerRequestContext requestContext) {
        final Optional graylogUrlFromHeader = uriFromHeader(requestContext, HttpConfiguration.OVERRIDE_HEADER);
        if (graylogUrlFromHeader.isPresent()) {
            return graylogUrlFromHeader.get();
        }

        final Optional origin = uriFromHeader(requestContext, HEADER_ORIGIN);

        return origin.orElseGet(() -> requestContext.getUriInfo().getBaseUri());
    }

    private Optional safeCreateUri(String uri) {
        try {
            return Optional.of(URI.create(uri));
        } catch (IllegalArgumentException ignored) {
            return Optional.empty();
        }
    }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy