1
14
15 package com.liferay.portal.util;
16
17 import com.liferay.portal.CookieNotSupportedException;
18 import com.liferay.portal.kernel.log.Log;
19 import com.liferay.portal.kernel.log.LogFactoryUtil;
20 import com.liferay.portal.kernel.util.CharPool;
21 import com.liferay.portal.kernel.util.StringPool;
22 import com.liferay.portal.kernel.util.Validator;
23 import com.liferay.util.CookieUtil;
24
25 import javax.servlet.http.Cookie;
26 import javax.servlet.http.HttpServletRequest;
27 import javax.servlet.http.HttpServletResponse;
28
29 import org.apache.commons.codec.binary.Hex;
30
31
37 public class CookieKeys {
38
39 public static final String COOKIE_SUPPORT = "COOKIE_SUPPORT";
40
41 public static final String COMPANY_ID = "COMPANY_ID";
42
43 public static final String GUEST_LANGUAGE_ID = "GUEST_LANGUAGE_ID";
44
45 public static final String ID = "ID";
46
47 public static final String JSESSIONID = "jsessionid";
48
49 public static final String LOGIN = "LOGIN";
50
51 public static final String PASSWORD = "PASSWORD";
52
53 public static final String REMEMBER_ME = "REMEMBER_ME";
54
55 public static final String SCREEN_NAME = "SCREEN_NAME";
56
57 public static final int MAX_AGE = 31536000;
58
59 public static final int VERSION = 0;
60
61 public static void addCookie(
62 HttpServletRequest request, HttpServletResponse response,
63 Cookie cookie) {
64
65 addCookie(request, response, cookie, request.isSecure());
66 }
67
68 public static void addCookie(
69 HttpServletRequest request, HttpServletResponse response,
70 Cookie cookie, boolean secure) {
71
72 if (!PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES ||
73 PropsValues.TCK_URL) {
74
75 return;
76 }
77
78
80 String name = cookie.getName();
81
82 String originalValue = cookie.getValue();
83 String encodedValue = originalValue;
84
85 if (isEncodedCookie(name)) {
86 encodedValue = new String(Hex.encodeHex(originalValue.getBytes()));
87
88 if (_log.isDebugEnabled()) {
89 _log.debug("Add encoded cookie " + name);
90 _log.debug("Original value " + originalValue);
91 _log.debug("Hex encoded value " + encodedValue);
92 }
93 }
94
95 cookie.setSecure(secure);
96 cookie.setValue(encodedValue);
97 cookie.setVersion(VERSION);
98
99
102 response.addCookie(cookie);
103 }
104
105 public static void addSupportCookie(
106 HttpServletRequest request, HttpServletResponse response) {
107
108 Cookie cookieSupportCookie = new Cookie(COOKIE_SUPPORT, "true");
109
110 cookieSupportCookie.setPath(StringPool.SLASH);
111 cookieSupportCookie.setMaxAge(MAX_AGE);
112
113 addCookie(request, response, cookieSupportCookie);
114 }
115
116 public static String getCookie(HttpServletRequest request, String name) {
117 String value = CookieUtil.get(request, name);
118
119 if ((value != null) && isEncodedCookie(name)) {
120 try {
121 String encodedValue = value;
122 String originalValue = new String(
123 Hex.decodeHex(encodedValue.toCharArray()));
124
125 if (_log.isDebugEnabled()) {
126 _log.debug("Get encoded cookie " + name);
127 _log.debug("Hex encoded value " + encodedValue);
128 _log.debug("Original value " + originalValue);
129 }
130
131 return originalValue;
132 }
133 catch (Exception e) {
134 if (_log.isWarnEnabled()) {
135 _log.warn(e.getMessage());
136 }
137
138 return value;
139 }
140 }
141
142 return value;
143 }
144
145 public static String getDomain(HttpServletRequest request) {
146
147
149 if (Validator.isNotNull(PropsValues.SESSION_COOKIE_DOMAIN)) {
150 return PropsValues.SESSION_COOKIE_DOMAIN;
151 }
152
153 String host = request.getServerName();
154
155 return getDomain(host);
156 }
157
158 public static String getDomain(String host) {
159
160
162 if (host == null) {
163 return null;
164 }
165
166
168 if (Validator.isIPAddress(host)) {
169 return host;
170 }
171
172 int x = host.lastIndexOf(CharPool.PERIOD);
173
174 if (x <= 0) {
175 return null;
176 }
177
178 int y = host.lastIndexOf(CharPool.PERIOD, x - 1);
179
180 if (y <= 0) {
181 return StringPool.PERIOD + host;
182 }
183
184 int z = host.lastIndexOf(CharPool.PERIOD, y - 1);
185
186 String domain = null;
187
188 if (z <= 0) {
189 domain = host.substring(y);
190 }
191 else {
192 domain = host.substring(z);
193 }
194
195 return domain;
196 }
197
198 public static boolean hasSessionId(HttpServletRequest request) {
199 String jsessionid = getCookie(request, JSESSIONID);
200
201 if (jsessionid != null) {
202 return true;
203 }
204 else {
205 return false;
206 }
207 }
208
209 public static boolean isEncodedCookie(String name) {
210 if (name.equals(ID) || name.equals(LOGIN) || name.equals(PASSWORD) ||
211 name.equals(SCREEN_NAME)) {
212
213 return true;
214 }
215 else {
216 return false;
217 }
218 }
219
220 public static void validateSupportCookie(HttpServletRequest request)
221 throws CookieNotSupportedException {
222
223 if (PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES &&
224 PropsValues.SESSION_TEST_COOKIE_SUPPORT) {
225
226 String cookieSupport = getCookie(request, COOKIE_SUPPORT);
227
228 if (Validator.isNull(cookieSupport)) {
229 throw new CookieNotSupportedException();
230 }
231 }
232 }
233
234 private static Log _log = LogFactoryUtil.getLog(CookieKeys.class);
235
236 }