001
014
015 package com.liferay.portal.util;
016
017 import com.liferay.portal.CookieNotSupportedException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.util.CharPool;
021 import com.liferay.portal.kernel.util.GetterUtil;
022 import com.liferay.portal.kernel.util.PropsKeys;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.Validator;
025 import com.liferay.util.CookieUtil;
026
027 import javax.servlet.http.Cookie;
028 import javax.servlet.http.HttpServletRequest;
029 import javax.servlet.http.HttpServletResponse;
030
031 import org.apache.commons.codec.binary.Hex;
032
033
037 public class CookieKeys implements com.liferay.portal.kernel.util.CookieKeys {
038
039 public static final int MAX_AGE = 31536000;
040
041 public static final int VERSION = 0;
042
043 public static void addCookie(
044 HttpServletRequest request, HttpServletResponse response,
045 Cookie cookie) {
046
047 addCookie(request, response, cookie, request.isSecure());
048 }
049
050 public static void addCookie(
051 HttpServletRequest request, HttpServletResponse response, Cookie cookie,
052 boolean secure) {
053
054 if (!PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES ||
055 PropsValues.TCK_URL) {
056
057 return;
058 }
059
060
061
062 String name = cookie.getName();
063
064 String originalValue = cookie.getValue();
065 String encodedValue = originalValue;
066
067 if (isEncodedCookie(name)) {
068 encodedValue = new String(Hex.encodeHex(originalValue.getBytes()));
069
070 if (_log.isDebugEnabled()) {
071 _log.debug("Add encoded cookie " + name);
072 _log.debug("Original value " + originalValue);
073 _log.debug("Hex encoded value " + encodedValue);
074 }
075 }
076
077 cookie.setSecure(secure);
078 cookie.setValue(encodedValue);
079 cookie.setVersion(VERSION);
080
081
082
083
084 response.addCookie(cookie);
085 }
086
087 public static void addSupportCookie(
088 HttpServletRequest request, HttpServletResponse response) {
089
090 Cookie cookieSupportCookie = new Cookie(COOKIE_SUPPORT, "true");
091
092 cookieSupportCookie.setPath(StringPool.SLASH);
093 cookieSupportCookie.setMaxAge(MAX_AGE);
094
095 addCookie(request, response, cookieSupportCookie);
096 }
097
098 public static String getCookie(HttpServletRequest request, String name) {
099 return getCookie(request, name, true);
100 }
101
102 public static String getCookie(
103 HttpServletRequest request, String name, boolean toUpperCase) {
104
105 String value = CookieUtil.get(request, name, toUpperCase);
106
107 if ((value != null) && isEncodedCookie(name)) {
108 try {
109 String encodedValue = value;
110 String originalValue = new String(
111 Hex.decodeHex(encodedValue.toCharArray()));
112
113 if (_log.isDebugEnabled()) {
114 _log.debug("Get encoded cookie " + name);
115 _log.debug("Hex encoded value " + encodedValue);
116 _log.debug("Original value " + originalValue);
117 }
118
119 return originalValue;
120 }
121 catch (Exception e) {
122 if (_log.isWarnEnabled()) {
123 _log.warn(e.getMessage());
124 }
125
126 return value;
127 }
128 }
129
130 return value;
131 }
132
133 public static String getDomain(HttpServletRequest request) {
134
135
136
137 if (Validator.isNotNull(_SESSION_COOKIE_DOMAIN)) {
138 return _SESSION_COOKIE_DOMAIN;
139 }
140
141 String host = request.getServerName();
142
143 if (_SESSION_COOKIE_USE_FULL_HOSTNAME) {
144 return host;
145 }
146
147 return getDomain(host);
148 }
149
150 public static String getDomain(String host) {
151
152
153
154 if (host == null) {
155 return null;
156 }
157
158
159
160 if (Validator.isIPAddress(host)) {
161 return host;
162 }
163
164 int x = host.lastIndexOf(CharPool.PERIOD);
165
166 if (x <= 0) {
167 return null;
168 }
169
170 int y = host.lastIndexOf(CharPool.PERIOD, x - 1);
171
172 if (y <= 0) {
173 return StringPool.PERIOD + host;
174 }
175
176 int z = host.lastIndexOf(CharPool.PERIOD, y - 1);
177
178 String domain = null;
179
180 if (z <= 0) {
181 domain = host.substring(y);
182 }
183 else {
184 domain = host.substring(z);
185 }
186
187 return domain;
188 }
189
190 public static boolean hasSessionId(HttpServletRequest request) {
191 String jsessionid = getCookie(request, JSESSIONID, false);
192
193 if (jsessionid != null) {
194 return true;
195 }
196 else {
197 return false;
198 }
199 }
200
201 public static boolean isEncodedCookie(String name) {
202 if (name.equals(ID) || name.equals(LOGIN) || name.equals(PASSWORD) ||
203 name.equals(SCREEN_NAME)) {
204
205 return true;
206 }
207 else {
208 return false;
209 }
210 }
211
212 public static void validateSupportCookie(HttpServletRequest request)
213 throws CookieNotSupportedException {
214
215 if (PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES &&
216 PropsValues.SESSION_TEST_COOKIE_SUPPORT) {
217
218 String cookieSupport = getCookie(request, COOKIE_SUPPORT, false);
219
220 if (Validator.isNull(cookieSupport)) {
221 throw new CookieNotSupportedException();
222 }
223 }
224 }
225
226 private static final String _SESSION_COOKIE_DOMAIN = PropsUtil.get(
227 PropsKeys.SESSION_COOKIE_DOMAIN);
228
229 private static final boolean _SESSION_COOKIE_USE_FULL_HOSTNAME =
230 GetterUtil.getBoolean(
231 PropsUtil.get(PropsKeys.SESSION_COOKIE_USE_FULL_HOSTNAME));
232
233 private static Log _log = LogFactoryUtil.getLog(CookieKeys.class);
234
235 }