015 package com.liferay.portal.kernel.util;
016
017 import com.liferay.portal.CookieNotSupportedException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020
021 import java.util.Collections;
022 import java.util.HashMap;
023 import java.util.Map;
024
025 import javax.servlet.http.Cookie;
026 import javax.servlet.http.HttpServletRequest;
027 import javax.servlet.http.HttpServletResponse;
028
029
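/**
 * Static helpers for writing and reading the portal's persistent cookies.
 *
 * <p>
 * Every read and write is gated on the
 * {@code PropsKeys.SESSION_ENABLE_PERSISTENT_COOKIES} property. When it is
 * false, the {@code addCookie} methods do nothing and the {@code getCookie}
 * methods return {@code null}.
 * </p>
 *
 * <p>
 * Security notes for maintainers:
 * </p>
 *
 * <ul>
 * <li>
 * The cookies selected by {@link #isEncodedCookie(String)} are hex encoded.
 * Hex is a reversible transport encoding; it provides neither confidentiality
 * nor integrity. Whether callers encrypt these values before handing them to
 * this class cannot be told from this file.
 * </li>
 * <li>
 * Everything returned by the {@code getCookie} methods originates from the
 * client and must be validated by the caller before it is trusted.
 * </li>
 * <li>
 * Cookie values are never written to the log by this class, because the
 * encoded cookies carry login identifiers and credential material.
 * </li>
 * </ul>
 */
public class CookieKeys {

	public static final String COMPANY_ID = "COMPANY_ID";

	public static final String COOKIE_SUPPORT = "COOKIE_SUPPORT";

	public static final String GUEST_LANGUAGE_ID = "GUEST_LANGUAGE_ID";

	public static final String ID = "ID";

	public static final String JSESSIONID = "JSESSIONID";

	public static final String LOGIN = "LOGIN";

	// Cookie.setMaxAge expects seconds. Time.YEAR is presumably a year in
	// milliseconds (TODO confirm against Time), which makes this one year.

	public static final int MAX_AGE = (int)(Time.YEAR / 1000);

	public static final String PASSWORD = "PASSWORD";

	public static final String REMEMBER_ME = "REMEMBER_ME";

	public static final String REMOTE_PREFERENCE_PREFIX = "REMOTE_PREFERENCE_";

	public static final String SCREEN_NAME = "SCREEN_NAME";

	public static final String USER_UUID = "USER_UUID";

	/**
	 * Adds the cookie to the response, setting its Secure attribute from
	 * {@code request.isSecure()}.
	 *
	 * <p>
	 * NOTE(review): behind a TLS-terminating proxy {@code isSecure()} may
	 * report {@code false} unless the container is configured for it, in which
	 * case the cookie would be issued without the Secure attribute. Confirm
	 * the deployment or call the four-argument overload explicitly.
	 * </p>
	 *
	 * @param request the current request
	 * @param response the response the cookie is added to
	 * @param cookie the cookie to add; it is modified in place
	 */
	public static void addCookie(
		HttpServletRequest request, HttpServletResponse response,
		Cookie cookie) {

		addCookie(request, response, cookie, request.isSecure());
	}

	/**
	 * Adds the cookie to the response, hex encoding its value first when
	 * {@link #isEncodedCookie(String)} matches the cookie name.
	 *
	 * <p>
	 * The call is a silent no-op when persistent cookies are disabled. The
	 * cookie instance is modified: its Secure flag, value and version (0) are
	 * overwritten.
	 * </p>
	 *
	 * @param request the current request (not read by this overload)
	 * @param response the response the cookie is added to
	 * @param cookie the cookie to add; it is modified in place
	 * @param secure the value for the cookie's Secure attribute
	 */
	public static void addCookie(
		HttpServletRequest request, HttpServletResponse response, Cookie cookie,
		boolean secure) {

		if (!_SESSION_ENABLE_PERSISTENT_COOKIES) {
			return;
		}

		String name = cookie.getName();
		String value = cookie.getValue();

		if (isEncodedCookie(name)) {

			// NOTE(review): getBytes() uses the platform default charset, so
			// the encoding of non-ASCII values depends on the JVM that wrote
			// the cookie. getCookie decodes with the platform default too;
			// both sides must change together if a fixed charset is adopted.

			value = UnicodeFormatter.bytesToHex(value.getBytes());

			// Only the name is logged. The plain and hex forms are equally
			// sensitive because hex is trivially reversible.

			if (_log.isDebugEnabled()) {
				_log.debug("Add encoded cookie " + name);
			}
		}

		cookie.setSecure(secure);
		cookie.setValue(value);
		cookie.setVersion(0);

		// NOTE(review): HttpOnly is not set here, so script running in the
		// page can read these cookies unless the caller or the container adds
		// the attribute. Confirm that this is intended for the encoded ones.

		response.addCookie(cookie);
	}

	/**
	 * Adds the {@link #COOKIE_SUPPORT} probe cookie (value {@code "true"},
	 * root path, {@link #MAX_AGE} lifetime) that
	 * {@link #validateSupportCookie(HttpServletRequest)} later looks for.
	 *
	 * @param request the current request
	 * @param response the response the cookie is added to
	 */
	public static void addSupportCookie(
		HttpServletRequest request, HttpServletResponse response) {

		Cookie cookieSupportCookie = new Cookie(COOKIE_SUPPORT, "true");

		cookieSupportCookie.setPath(StringPool.SLASH);
		cookieSupportCookie.setMaxAge(MAX_AGE);

		addCookie(request, response, cookieSupportCookie);
	}

	/**
	 * Returns the value of the named cookie, upper-casing the name before the
	 * lookup.
	 *
	 * @param request the current request
	 * @param name the cookie name
	 * @return the cookie value, or {@code null} if it is absent or persistent
	 *         cookies are disabled
	 * @see #getCookie(HttpServletRequest, String, boolean)
	 */
	public static String getCookie(HttpServletRequest request, String name) {
		return getCookie(request, name, true);
	}

	/**
	 * Returns the value of the named cookie, hex decoding it when
	 * {@link #isEncodedCookie(String)} matches {@code name}.
	 *
	 * <p>
	 * {@code isEncodedCookie} is applied to {@code name} exactly as passed, so
	 * a name in a different case is looked up (when {@code toUpperCase} is
	 * set) but is returned without decoding. If decoding fails, the raw cookie
	 * value is returned unchanged rather than {@code null}. Callers therefore
	 * cannot assume that a returned value was ever produced by
	 * {@code addCookie}; treat it as untrusted client input.
	 * </p>
	 *
	 * @param request the current request
	 * @param name the cookie name
	 * @param toUpperCase whether to upper-case {@code name} before the lookup
	 * @return the cookie value, or {@code null} if it is absent or persistent
	 *         cookies are disabled
	 */
	public static String getCookie(
		HttpServletRequest request, String name, boolean toUpperCase) {

		if (!_SESSION_ENABLE_PERSISTENT_COOKIES) {
			return null;
		}

		String value = _get(request, name, toUpperCase);

		if ((value == null) || !isEncodedCookie(name)) {
			return value;
		}

		try {

			// Decodes with the platform default charset, mirroring addCookie.

			String decodedValue = new String(
				UnicodeFormatter.hexToBytes(value));

			// Only the name is logged; the value may be credential material.

			if (_log.isDebugEnabled()) {
				_log.debug("Get encoded cookie " + name);
			}

			return decodedValue;
		}
		catch (Exception e) {

			// NOTE(review): the exception message may echo part of the
			// client-supplied value. Confirm what hexToBytes reports.

			if (_log.isWarnEnabled()) {
				_log.warn(e.getMessage());
			}

			return value;
		}
	}

	/**
	 * Returns the cookie domain to use for the request.
	 *
	 * <p>
	 * The configured {@code PropsKeys.SESSION_COOKIE_DOMAIN} wins when it is
	 * set. Otherwise a blank string is returned when
	 * {@code PropsKeys.SESSION_COOKIE_USE_FULL_HOSTNAME} is enabled, and
	 * failing that the domain is derived from {@code request.getServerName()}
	 * by {@link #getDomain(String)}.
	 * </p>
	 *
	 * <p>
	 * NOTE(review): the server name is typically taken from the Host header,
	 * so the derived domain is client-influenced unless the container or a
	 * front-end proxy pins the host. Setting the domain property explicitly
	 * avoids that dependency.
	 * </p>
	 *
	 * @param request the current request
	 * @return the cookie domain, possibly blank or {@code null}
	 */
	public static String getDomain(HttpServletRequest request) {
		if (Validator.isNotNull(_SESSION_COOKIE_DOMAIN)) {
			return _SESSION_COOKIE_DOMAIN;
		}

		if (_SESSION_COOKIE_USE_FULL_HOSTNAME) {
			return StringPool.BLANK;
		}

		return getDomain(request.getServerName());
	}

	/**
	 * Derives a cookie domain from a host name by counting labels from the
	 * right.
	 *
	 * <p>
	 * Constructed examples: {@code "example.com"} yields
	 * {@code ".example.com"}, {@code "www.example.com"} yields
	 * {@code ".example.com"}, and a host with four or more labels keeps its
	 * last three. An IP address is returned unchanged, and a host without a
	 * period (or a {@code null} host) yields {@code null}.
	 * </p>
	 *
	 * <p>
	 * The heuristic does not consult a public-suffix list. A three-label host
	 * under a two-label suffix such as {@code "example.co.uk"} yields
	 * {@code ".co.uk"}, which is broader than the site. Configure the domain
	 * explicitly for such hosts.
	 * </p>
	 *
	 * @param host the host name, may be {@code null}
	 * @return the derived domain, or {@code null} if none can be derived
	 */
	public static String getDomain(String host) {
		if (host == null) {
			return null;
		}

		// An IP address has no parent domain to widen the cookie scope to.

		if (Validator.isIPAddress(host)) {
			return host;
		}

		int lastPeriod = host.lastIndexOf(CharPool.PERIOD);

		if (lastPeriod <= 0) {
			return null;
		}

		int secondPeriod = host.lastIndexOf(CharPool.PERIOD, lastPeriod - 1);

		// Two labels only: scope the cookie to the host and its subdomains.

		if (secondPeriod <= 0) {
			return StringPool.PERIOD + host;
		}

		int thirdPeriod = host.lastIndexOf(CharPool.PERIOD, secondPeriod - 1);

		// Exactly three labels keep the last two; longer hosts keep the last
		// three.

		if (thirdPeriod <= 0) {
			return host.substring(secondPeriod);
		}

		return host.substring(thirdPeriod);
	}

	/**
	 * Returns whether the request carries a {@link #JSESSIONID} cookie.
	 *
	 * <p>
	 * This only reports presence; it does not check that the ID refers to a
	 * live session. It is always {@code false} when persistent cookies are
	 * disabled, because the lookup goes through {@code getCookie}.
	 * </p>
	 *
	 * @param request the current request
	 * @return {@code true} if a JSESSIONID cookie value was found
	 */
	public static boolean hasSessionId(HttpServletRequest request) {
		return getCookie(request, JSESSIONID, false) != null;
	}

	/**
	 * Returns whether the named cookie is stored hex encoded. The comparison
	 * is case-sensitive, and a {@code null} name is reported as not encoded.
	 *
	 * @param name the cookie name, may be {@code null}
	 * @return {@code true} for {@link #ID}, {@link #LOGIN}, {@link #PASSWORD},
	 *         {@link #SCREEN_NAME} and {@link #USER_UUID}
	 */
	public static boolean isEncodedCookie(String name) {

		// Constant-first comparison keeps a null name from throwing.

		return ID.equals(name) || LOGIN.equals(name) ||
			PASSWORD.equals(name) || SCREEN_NAME.equals(name) ||
			USER_UUID.equals(name);
	}

	/**
	 * Verifies that the browser returned the {@link #COOKIE_SUPPORT} probe
	 * cookie. The check runs only when both persistent cookies and the
	 * {@code PropsKeys.SESSION_TEST_COOKIE_SUPPORT} property are enabled.
	 *
	 * @param request the current request
	 * @throws CookieNotSupportedException if the check is enabled and the
	 *         probe cookie is missing or empty
	 */
	public static void validateSupportCookie(HttpServletRequest request)
		throws CookieNotSupportedException {

		if (!_SESSION_ENABLE_PERSISTENT_COOKIES ||
			!_SESSION_TEST_COOKIE_SUPPORT) {

			return;
		}

		String cookieSupport = getCookie(request, COOKIE_SUPPORT, false);

		if (Validator.isNull(cookieSupport)) {
			throw new CookieNotSupportedException();
		}
	}

	/**
	 * Looks up the raw value of the named cookie in the request's cookie map.
	 *
	 * <p>
	 * The map keys are upper-cased, so a name that is not already upper case
	 * is found only when {@code toUpperCase} is {@code true}.
	 * </p>
	 */
	private static String _get(
		HttpServletRequest request, String name, boolean toUpperCase) {

		String key = name;

		if (toUpperCase) {
			key = StringUtil.toUpperCase(name);
		}

		Cookie cookie = _getCookieMap(request).get(key);

		if (cookie == null) {
			return null;
		}

		return cookie.getValue();
	}

	/**
	 * Returns the request's cookies keyed by upper-cased name, building the
	 * map once and caching it as a request attribute named after this class.
	 *
	 * <p>
	 * When the client sends several cookies whose names match ignoring case,
	 * the one that comes last in {@code request.getCookies()} replaces the
	 * earlier ones. Which cookie that is depends on the order the client sent
	 * them in, so callers should not rely on it for security decisions.
	 * </p>
	 */
	private static Map<String, Cookie> _getCookieMap(
		HttpServletRequest request) {

		String attributeName = CookieKeys.class.getName();

		@SuppressWarnings("unchecked")
		Map<String, Cookie> cookieMap =
			(Map<String, Cookie>)request.getAttribute(attributeName);

		if (cookieMap != null) {
			return cookieMap;
		}

		Cookie[] cookies = request.getCookies();

		if (cookies == null) {
			cookieMap = Collections.emptyMap();
		}
		else {
			cookieMap = new HashMap<>(cookies.length * 4 / 3);

			for (Cookie cookie : cookies) {
				String cookieName = StringUtil.toUpperCase(
					GetterUtil.getString(cookie.getName()));

				cookieMap.put(cookieName, cookie);
			}
		}

		request.setAttribute(attributeName, cookieMap);

		return cookieMap;
	}

	private static final String _SESSION_COOKIE_DOMAIN = PropsUtil.get(
		PropsKeys.SESSION_COOKIE_DOMAIN);

	private static final boolean _SESSION_COOKIE_USE_FULL_HOSTNAME =
		GetterUtil.getBoolean(
			PropsUtil.get(PropsKeys.SESSION_COOKIE_USE_FULL_HOSTNAME));

	private static final boolean _SESSION_ENABLE_PERSISTENT_COOKIES =
		GetterUtil.getBoolean(
			PropsUtil.get(PropsKeys.SESSION_ENABLE_PERSISTENT_COOKIES));

	private static final boolean _SESSION_TEST_COOKIE_SUPPORT =
		GetterUtil.getBoolean(
			PropsUtil.get(PropsKeys.SESSION_TEST_COOKIE_SUPPORT));

	private static final Log _log = LogFactoryUtil.getLog(CookieKeys.class);

}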