015 package com.liferay.portal.kernel.util;
016
017 import com.liferay.portal.CookieNotSupportedException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020
021 import java.util.Collections;
022 import java.util.HashMap;
023 import java.util.Map;
024
025 import javax.servlet.http.Cookie;
026 import javax.servlet.http.HttpServletRequest;
027 import javax.servlet.http.HttpServletResponse;
028
029
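/**
 * Static helpers for writing and reading the portal's persistent cookies and
 * for deriving the cookie domain from a request.
 *
 * <p>
 * Security notes for maintainers:
 * </p>
 *
 * <ul>
 * <li>
 * The "encoded" cookies ({@link #ID}, {@link #LOGIN}, {@link #PASSWORD},
 * {@link #SCREEN_NAME}) are only hex encoded. Hex is a reversible transport
 * encoding, not encryption or integrity protection; any confidentiality has to
 * be applied by the caller before the value reaches this class.
 * </li>
 * <li>
 * The values of those cookies are never written to the log, not even at debug
 * level, because they may carry credentials.
 * </li>
 * </ul>
 */
public class CookieKeys {

	public static final String COMPANY_ID = "COMPANY_ID";

	public static final String COOKIE_SUPPORT = "COOKIE_SUPPORT";

	public static final String GUEST_LANGUAGE_ID = "GUEST_LANGUAGE_ID";

	public static final String ID = "ID";

	public static final String JSESSIONID = "JSESSIONID";

	public static final String LOGIN = "LOGIN";

	// Value passed to Cookie.setMaxAge by addSupportCookie.

	public static final int MAX_AGE = (int)Time.YEAR;

	public static final String PASSWORD = "PASSWORD";

	public static final String REMEMBER_ME = "REMEMBER_ME";

	public static final String SCREEN_NAME = "SCREEN_NAME";

	public static final String USER_UUID = "USER_UUID";

	/**
	 * Adds the cookie to the response, marking it Secure exactly when the
	 * current request is reported as secure by the container.
	 *
	 * <p>
	 * NOTE(review): behind a TLS-terminating proxy {@code request.isSecure()}
	 * may report {@code false} unless the container is configured for it;
	 * confirm for the deployment.
	 * </p>
	 *
	 * @param request the current request
	 * @param response the response the cookie is added to
	 * @param cookie the cookie to add; it is modified in place
	 */
	public static void addCookie(
		HttpServletRequest request, HttpServletResponse response,
		Cookie cookie) {

		addCookie(request, response, cookie, request.isSecure());
	}

	/**
	 * Adds the cookie to the response with an explicit Secure flag.
	 *
	 * <p>
	 * Nothing is written when persistent cookies are disabled or the TCK URL
	 * property is set. For the names accepted by {@link
	 * #isEncodedCookie(String)} the value is replaced by its hex encoding
	 * before it is sent.
	 * </p>
	 *
	 * <p>
	 * This method sets only the Secure flag, the value and the version. It
	 * does not set HttpOnly; NOTE(review): confirm whether that is applied
	 * elsewhere (container or filter configuration).
	 * </p>
	 *
	 * @param request the current request (not read by this overload)
	 * @param response the response the cookie is added to
	 * @param cookie the cookie to add; it is modified in place
	 * @param secure whether to mark the cookie as Secure
	 */
	public static void addCookie(
		HttpServletRequest request, HttpServletResponse response, Cookie cookie,
		boolean secure) {

		if (!_SESSION_ENABLE_PERSISTENT_COOKIES || _TCK_URL) {
			return;
		}

		String name = cookie.getName();

		String encodedValue = cookie.getValue();

		if (isEncodedCookie(name)) {

			// getBytes() uses the platform default charset, matching the
			// decoding in getCookie. It is left as is because switching the
			// charset would change how already issued cookies decode.

			encodedValue = UnicodeFormatter.bytesToHex(
				encodedValue.getBytes());

			// Log the cookie name only. The original and hex encoded values
			// are equivalent secrets (hex is trivially reversible) and must
			// not reach the log.

			if (_log.isDebugEnabled()) {
				_log.debug("Add encoded cookie " + name);
			}
		}

		cookie.setSecure(secure);
		cookie.setValue(encodedValue);
		cookie.setVersion(0);

		response.addCookie(cookie);
	}

	/**
	 * Adds the {@link #COOKIE_SUPPORT} marker cookie (value {@code "true"},
	 * path {@code /}, max age {@link #MAX_AGE}) that {@link
	 * #validateSupportCookie(HttpServletRequest)} later looks for.
	 *
	 * @param request the current request
	 * @param response the response the cookie is added to
	 */
	public static void addSupportCookie(
		HttpServletRequest request, HttpServletResponse response) {

		Cookie cookieSupportCookie = new Cookie(COOKIE_SUPPORT, "true");

		cookieSupportCookie.setPath(StringPool.SLASH);
		cookieSupportCookie.setMaxAge(MAX_AGE);

		addCookie(request, response, cookieSupportCookie);
	}

	/**
	 * Returns the value of the named cookie, upper casing the name before the
	 * lookup.
	 *
	 * @param request the current request
	 * @param name the cookie name
	 * @return the cookie value, hex decoded for encoded cookies, or
	 *         {@code null} if the cookie is absent
	 */
	public static String getCookie(HttpServletRequest request, String name) {
		return getCookie(request, name, true);
	}

	/**
	 * Returns the value of the named cookie.
	 *
	 * <p>
	 * The value comes from the client and is untrusted. For names accepted by
	 * {@link #isEncodedCookie(String)} the value is hex decoded; if decoding
	 * fails the raw value is returned unchanged, so callers cannot assume the
	 * result was well formed hex.
	 * </p>
	 *
	 * @param request the current request
	 * @param name the cookie name
	 * @param toUpperCase whether to upper case the name before the lookup;
	 *        stored keys are always upper case, so with {@code false} only an
	 *        already upper case name can match
	 * @return the cookie value, or {@code null} if the cookie is absent
	 */
	public static String getCookie(
		HttpServletRequest request, String name, boolean toUpperCase) {

		String value = _get(request, name, toUpperCase);

		if ((value == null) || !isEncodedCookie(name)) {
			return value;
		}

		try {

			// new String(byte[]) uses the platform default charset, the
			// counterpart of getBytes() in addCookie.

			String originalValue = new String(
				UnicodeFormatter.hexToBytes(value));

			// Name only: the decoded value may be a login or password.

			if (_log.isDebugEnabled()) {
				_log.debug("Get encoded cookie " + name);
			}

			return originalValue;
		}
		catch (Exception e) {

			// Deliberate best effort: a value that is not valid hex is
			// handed back as received.

			if (_log.isWarnEnabled()) {
				_log.warn(e.getMessage());
			}

			return value;
		}
	}

	/**
	 * Returns the cookie domain for the request: the configured session
	 * cookie domain if set, else the full server name when the full hostname
	 * property is enabled, else the result of {@link #getDomain(String)}.
	 *
	 * <p>
	 * NOTE(review): {@code request.getServerName()} is typically derived from
	 * the Host header, which the client controls unless the container or a
	 * proxy validates it; configuring an explicit cookie domain avoids
	 * depending on it.
	 * </p>
	 *
	 * @param request the current request
	 * @return the cookie domain, possibly {@code null}
	 */
	public static String getDomain(HttpServletRequest request) {
		if (Validator.isNotNull(_SESSION_COOKIE_DOMAIN)) {
			return _SESSION_COOKIE_DOMAIN;
		}

		String host = request.getServerName();

		if (_SESSION_COOKIE_USE_FULL_HOSTNAME) {
			return host;
		}

		return getDomain(host);
	}

	/**
	 * Derives a cookie domain from a host name by keeping its trailing
	 * labels.
	 *
	 * <p>
	 * An IP address is returned unchanged. A host without a period (or with
	 * its only period at index 0) yields {@code null}. A two label host gets
	 * a leading period. A three label host is cut to its last two labels and
	 * a longer host to its last three, each with a leading period.
	 * </p>
	 *
	 * <p>
	 * Caveat: no public suffix list is consulted, so a three label host under
	 * a two part suffix (for example {@code example.co.uk}) yields the suffix
	 * itself ({@code .co.uk}). Set an explicit cookie domain for such
	 * deployments.
	 * </p>
	 *
	 * @param host the host name, may be {@code null}
	 * @return the derived domain, or {@code null}
	 */
	public static String getDomain(String host) {
		if (host == null) {
			return null;
		}

		if (Validator.isIPAddress(host)) {
			return host;
		}

		int x = host.lastIndexOf(CharPool.PERIOD);

		if (x <= 0) {
			return null;
		}

		int y = host.lastIndexOf(CharPool.PERIOD, x - 1);

		if (y <= 0) {
			return StringPool.PERIOD + host;
		}

		int z = host.lastIndexOf(CharPool.PERIOD, y - 1);

		if (z <= 0) {
			return host.substring(y);
		}

		return host.substring(z);
	}

	/**
	 * Returns whether the request carries a {@link #JSESSIONID} cookie. Only
	 * presence is checked; the value is not validated.
	 *
	 * @param request the current request
	 * @return {@code true} if the cookie is present
	 */
	public static boolean hasSessionId(HttpServletRequest request) {
		return getCookie(request, JSESSIONID, false) != null;
	}

	/**
	 * Returns whether the named cookie is stored hex encoded.
	 *
	 * @param name the cookie name, compared case sensitively
	 * @return {@code true} for {@link #ID}, {@link #LOGIN}, {@link #PASSWORD}
	 *         and {@link #SCREEN_NAME}
	 */
	public static boolean isEncodedCookie(String name) {
		return name.equals(ID) || name.equals(LOGIN) ||
			name.equals(PASSWORD) || name.equals(SCREEN_NAME);
	}

	/**
	 * Checks that the browser returned the {@link #COOKIE_SUPPORT} cookie.
	 * The check runs only when persistent cookies and the cookie support test
	 * are both enabled.
	 *
	 * @param request the current request
	 * @throws CookieNotSupportedException if the cookie is missing or empty
	 */
	public static void validateSupportCookie(HttpServletRequest request)
		throws CookieNotSupportedException {

		if (_SESSION_ENABLE_PERSISTENT_COOKIES &&
			_SESSION_TEST_COOKIE_SUPPORT) {

			String cookieSupport = getCookie(request, COOKIE_SUPPORT, false);

			if (Validator.isNull(cookieSupport)) {
				throw new CookieNotSupportedException();
			}
		}
	}

	// Looks up the raw cookie value in the per request cookie map.

	private static String _get(
		HttpServletRequest request, String name, boolean toUpperCase) {

		Map<String, Cookie> cookieMap = _getCookieMap(request);

		if (toUpperCase) {
			name = name.toUpperCase();
		}

		Cookie cookie = cookieMap.get(name);

		if (cookie == null) {
			return null;
		}

		return cookie.getValue();
	}

	// Builds the map of upper cased cookie name to cookie once per request
	// and caches it in a request attribute keyed by this class name. When the
	// request carries several cookies whose names differ only in case, the
	// last one in the array wins.

	private static Map<String, Cookie> _getCookieMap(
		HttpServletRequest request) {

		Map<String, Cookie> cookieMap =
			(Map<String, Cookie>)request.getAttribute(
				CookieKeys.class.getName());

		if (cookieMap != null) {
			return cookieMap;
		}

		Cookie[] cookies = request.getCookies();

		if (cookies == null) {
			cookieMap = Collections.emptyMap();
		}
		else {
			cookieMap = new HashMap<String, Cookie>(cookies.length * 4 / 3);

			for (Cookie cookie : cookies) {
				String cookieName = GetterUtil.getString(cookie.getName());

				cookieName = cookieName.toUpperCase();

				cookieMap.put(cookieName, cookie);
			}
		}

		request.setAttribute(CookieKeys.class.getName(), cookieMap);

		return cookieMap;
	}

	private static final String _SESSION_COOKIE_DOMAIN = PropsUtil.get(
		PropsKeys.SESSION_COOKIE_DOMAIN);

	private static final boolean _SESSION_COOKIE_USE_FULL_HOSTNAME =
		GetterUtil.getBoolean(
			PropsUtil.get(PropsKeys.SESSION_COOKIE_USE_FULL_HOSTNAME));

	private static final boolean _SESSION_ENABLE_PERSISTENT_COOKIES =
		GetterUtil.getBoolean(
			PropsUtil.get(PropsKeys.SESSION_ENABLE_PERSISTENT_COOKIES));

	private static final boolean _SESSION_TEST_COOKIE_SUPPORT =
		GetterUtil.getBoolean(
			PropsUtil.get(PropsKeys.SESSION_TEST_COOKIE_SUPPORT));

	private static final boolean _TCK_URL = GetterUtil.getBoolean(
		PropsUtil.get(PropsKeys.TCK_URL));

	private static Log _log = LogFactoryUtil.getLog(CookieKeys.class);

}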