• Home
• org.http4k
• http4k-security-oauth
• 5.41.0.0
• source code
• InsecureCookieBasedAuthRequestTracking.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.http4k.security.oauth.server.InsecureCookieBasedAuthRequestTracking.kt Maven / Gradle / Ivy

package org.http4k.security.oauth.server

import org.http4k.core.Method.GET
import org.http4k.core.Request
import org.http4k.core.Response
import org.http4k.core.Uri
import org.http4k.core.cookie.Cookie
import org.http4k.core.cookie.cookie
import org.http4k.core.with

class InsecureCookieBasedAuthRequestTracking : AuthRequestTracking {
    private val cookieName = "OauthFlowId"

    override fun trackAuthRequest(request: Request, authRequest: AuthRequest, response: Response): Response =
        response.cookie(Cookie(cookieName, authRequest.serialise()))

    override fun resolveAuthRequest(request: Request): AuthRequest? =
        request.cookie(cookieName)?.value
            ?.let { Request(GET, Uri.of("dummy").query(it)) }?.authorizationRequest()

    private fun AuthRequest.serialise() = Request(GET, "dummy")
        .with(OAuthServer.clientIdQueryParameter of client)
        .with(OAuthServer.redirectUriQueryParameter of redirectUri!!)
        .with(OAuthServer.scopesQueryParameter of scopes)
        .with(OAuthServer.state of state)
        .with(OAuthServer.responseType of responseType)
        .with(OAuthServer.responseMode of responseMode)
        .uri.query
}