001    /**
002     * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.util;
016    
017    import com.liferay.portal.CookieNotSupportedException;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.kernel.util.CharPool;
021    import com.liferay.portal.kernel.util.StringPool;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.util.CookieUtil;
024    
025    import javax.servlet.http.Cookie;
026    import javax.servlet.http.HttpServletRequest;
027    import javax.servlet.http.HttpServletResponse;
028    
029    import org.apache.commons.codec.binary.Hex;
030    
031    /**
032     * @author Brian Wing Shun Chan
033     * @author Minhchau Dang
034     */
035    public class CookieKeys implements com.liferay.portal.kernel.util.CookieKeys {
036    
037            public static void addCookie(
038                    HttpServletRequest request, HttpServletResponse response,
039                    Cookie cookie) {
040    
041                    addCookie(request, response, cookie, request.isSecure());
042            }
043    
044            public static void addCookie(
045                    HttpServletRequest request, HttpServletResponse response,
046                    Cookie cookie, boolean secure) {
047    
048                    if (!PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES ||
049                            PropsValues.TCK_URL) {
050    
051                            return;
052                    }
053    
054                    // LEP-5175
055    
056                    String name = cookie.getName();
057    
058                    String originalValue = cookie.getValue();
059                    String encodedValue = originalValue;
060    
061                    if (isEncodedCookie(name)) {
062                            encodedValue = new String(Hex.encodeHex(originalValue.getBytes()));
063    
064                            if (_log.isDebugEnabled()) {
065                                    _log.debug("Add encoded cookie " + name);
066                                    _log.debug("Original value " + originalValue);
067                                    _log.debug("Hex encoded value " + encodedValue);
068                            }
069                    }
070    
071                    cookie.setSecure(secure);
072                    cookie.setValue(encodedValue);
073                    cookie.setVersion(VERSION);
074    
075                    // Setting a cookie will cause the TCK to lose its ability to track
076                    // sessions
077    
078                    response.addCookie(cookie);
079            }
080    
081            public static void addSupportCookie(
082                    HttpServletRequest request, HttpServletResponse response) {
083    
084                    Cookie cookieSupportCookie = new Cookie(COOKIE_SUPPORT, "true");
085    
086                    cookieSupportCookie.setPath(StringPool.SLASH);
087                    cookieSupportCookie.setMaxAge(MAX_AGE);
088    
089                    addCookie(request, response, cookieSupportCookie);
090            }
091    
092            public static String getCookie(HttpServletRequest request, String name) {
093                    String value = CookieUtil.get(request, name);
094    
095                    if ((value != null) && isEncodedCookie(name)) {
096                            try {
097                                    String encodedValue = value;
098                                    String originalValue = new String(
099                                            Hex.decodeHex(encodedValue.toCharArray()));
100    
101                                    if (_log.isDebugEnabled()) {
102                                            _log.debug("Get encoded cookie " + name);
103                                            _log.debug("Hex encoded value " + encodedValue);
104                                            _log.debug("Original value " + originalValue);
105                                    }
106    
107                                    return originalValue;
108                            }
109                            catch (Exception e) {
110                                    if (_log.isWarnEnabled()) {
111                                            _log.warn(e.getMessage());
112                                    }
113    
114                                    return value;
115                            }
116                    }
117    
118                    return value;
119            }
120    
121            public static String getDomain(HttpServletRequest request) {
122    
123                    // See LEP-4602 and       LEP-4618.
124    
125                    if (Validator.isNotNull(PropsValues.SESSION_COOKIE_DOMAIN)) {
126                            return PropsValues.SESSION_COOKIE_DOMAIN;
127                    }
128    
129                    String host = request.getServerName();
130    
131                    return getDomain(host);
132            }
133    
134            public static String getDomain(String host) {
135    
136                    // See LEP-4602 and LEP-4645.
137    
138                    if (host == null) {
139                            return null;
140                    }
141    
142                    // See LEP-5595.
143    
144                    if (Validator.isIPAddress(host)) {
145                            return host;
146                    }
147    
148                    int x = host.lastIndexOf(CharPool.PERIOD);
149    
150                    if (x <= 0) {
151                            return null;
152                    }
153    
154                    int y = host.lastIndexOf(CharPool.PERIOD, x - 1);
155    
156                    if (y <= 0) {
157                            return StringPool.PERIOD + host;
158                    }
159    
160                    int z = host.lastIndexOf(CharPool.PERIOD, y - 1);
161    
162                    String domain = null;
163    
164                    if (z <= 0) {
165                            domain = host.substring(y);
166                    }
167                    else {
168                            domain = host.substring(z);
169                    }
170    
171                    return domain;
172            }
173    
174            public static boolean hasSessionId(HttpServletRequest request) {
175                    String jsessionid = getCookie(request, JSESSIONID);
176    
177                    if (jsessionid != null) {
178                            return true;
179                    }
180                    else {
181                            return false;
182                    }
183            }
184    
185            public static boolean isEncodedCookie(String name) {
186                    if (name.equals(ID) || name.equals(LOGIN) || name.equals(PASSWORD) ||
187                            name.equals(SCREEN_NAME)) {
188    
189                            return true;
190                    }
191                    else {
192                            return false;
193                    }
194            }
195    
196            public static void validateSupportCookie(HttpServletRequest request)
197                    throws CookieNotSupportedException {
198    
199                    if (PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES &&
200                            PropsValues.SESSION_TEST_COOKIE_SUPPORT) {
201    
202                            String cookieSupport = getCookie(request, COOKIE_SUPPORT);
203    
204                            if (Validator.isNull(cookieSupport)) {
205                                    throw new CookieNotSupportedException();
206                            }
207                    }
208            }
209    
210            public static final int MAX_AGE = 31536000;
211    
212            public static final int VERSION = 0;
213    
214            private static Log _log = LogFactoryUtil.getLog(CookieKeys.class);
215    
216    }