From f24d03991c8ada1bfb9e402b04d68cf01906cbee Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 4 Feb 2019 07:58:24 +0100
Subject: move code for Cookie management into CookieUtils.java

---
 .../gv/egovernment/moa/id/moduls/SSOManager.java   | 72 +++++++++++-----------
 .../at/gv/egovernment/moa/id/util/CookieUtils.java | 37 +++++++++++
 2 files changed, 73 insertions(+), 36 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/CookieUtils.java

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index b5005d0c9..2b550f21e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -26,7 +26,6 @@ import java.util.Date;
 import java.util.Map;
 import java.util.Map.Entry;
 
-import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -59,6 +58,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
 import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.CookieUtils;
 import at.gv.egovernment.moa.id.util.legacy.LegacyHelper;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -329,12 +329,12 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 				
 			} else {
 				//check if IDP cookie is set
-				String cookie = getValueFromCookie(httpReq, SSOINTERFEDERATION);
+				String cookie = CookieUtils.getValueFromCookie(httpReq, SSOINTERFEDERATION);
 				if (MiscUtil.isNotEmpty(cookie)) {
 					Logger.info("Receive SSO request for interfederated IDP from Cookie " + cookie);
 					moaReq.setRawDataToTransaction(DATAID_INTERFEDERATIOIDP_URL, cookie);
 				
-					deleteCookie(httpReq, httpResp, SSOINTERFEDERATION);									
+					CookieUtils.deleteCookie(httpReq, httpResp, SSOINTERFEDERATION);									
 				}				
 			}
 						
@@ -345,7 +345,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 	}
 	
 	public void setInterfederationIDPCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, String value) {
-		setCookie(httpReq, httpResp, SSOINTERFEDERATION, value, INTERFEDERATIONCOOKIEMAXAGE);
+		CookieUtils.setCookie(httpReq, httpResp, SSOINTERFEDERATION, value, INTERFEDERATIONCOOKIEMAXAGE);
 		
 	}
 	
@@ -443,7 +443,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 	
 			
 	public String getSSOSessionID(HttpServletRequest httpReq) {
-		return getValueFromCookie(httpReq, SSOCOOKIE);
+		return CookieUtils.getValueFromCookie(httpReq, SSOCOOKIE);
 		
 	}
 		
@@ -510,43 +510,43 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 	
 	
 	private void setSSOSessionID(HttpServletRequest httpReq, HttpServletResponse httpResp, String ssoId) {
-		setCookie(httpReq, httpResp, SSOCOOKIE, ssoId, -1);
+		CookieUtils.setCookie(httpReq, httpResp, SSOCOOKIE, ssoId, -1);
 		
 	}
 
 	private void deleteSSOSessionID(HttpServletRequest httpReq, HttpServletResponse httpResp) {
-		deleteCookie(httpReq, httpResp, SSOCOOKIE);
+		CookieUtils.deleteCookie(httpReq, httpResp, SSOCOOKIE);
 		
 	}
 	
-	private String getValueFromCookie(HttpServletRequest httpReq, String cookieName) {
-		Cookie[] cookies = httpReq.getCookies();
-		
-		if (cookies != null) {
-			for (Cookie cookie : cookies) {						
-				if (cookie.getName().equals(cookieName)) {
-					return cookie.getValue();
-				}
-			}
-		}
-		return null;
-	}
-	
-	private void setCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, 
-			String cookieName, String cookieValue, int maxAge) {
-		
-		Cookie cookie = new Cookie(cookieName, cookieValue);
-		cookie.setMaxAge(maxAge);
-		cookie.setSecure(true);
-		cookie.setHttpOnly(true);
-		cookie.setPath(httpReq.getContextPath());
-				
-		httpResp.addCookie(cookie);
-	}
-	
-	private void deleteCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, String cookieName) {
-		setCookie(httpReq, httpResp, cookieName, "", 0);
-		
-	}
+//	private String getValueFromCookie(HttpServletRequest httpReq, String cookieName) {
+//		Cookie[] cookies = httpReq.getCookies();
+//		
+//		if (cookies != null) {
+//			for (Cookie cookie : cookies) {						
+//				if (cookie.getName().equals(cookieName)) {
+//					return cookie.getValue();
+//				}
+//			}
+//		}
+//		return null;
+//	}
+//	
+//	private void setCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, 
+//			String cookieName, String cookieValue, int maxAge) {
+//		
+//		Cookie cookie = new Cookie(cookieName, cookieValue);
+//		cookie.setMaxAge(maxAge);
+//		cookie.setSecure(true);
+//		cookie.setHttpOnly(true);
+//		cookie.setPath(httpReq.getContextPath());
+//				
+//		httpResp.addCookie(cookie);
+//	}
+//	
+//	private void deleteCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, String cookieName) {
+//		setCookie(httpReq, httpResp, cookieName, "", 0);
+//		
+//	}
 	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/CookieUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/CookieUtils.java
new file mode 100644
index 000000000..21cbd574f
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/CookieUtils.java
@@ -0,0 +1,37 @@
+package at.gv.egovernment.moa.id.util;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class CookieUtils {
+	public static String getValueFromCookie(HttpServletRequest httpReq, String cookieName) {
+		Cookie[] cookies = httpReq.getCookies();
+		
+		if (cookies != null) {
+			for (Cookie cookie : cookies) {						
+				if (cookie.getName().equals(cookieName)) {
+					return cookie.getValue();
+				}
+			}
+		}
+		return null;
+	}
+	
+	public static void setCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, 
+			String cookieName, String cookieValue, int maxAge) {
+		
+		Cookie cookie = new Cookie(cookieName, cookieValue);
+		cookie.setMaxAge(maxAge);
+		cookie.setSecure(true);
+		cookie.setHttpOnly(true);
+		cookie.setPath(httpReq.getContextPath());
+				
+		httpResp.addCookie(cookie);
+	}
+	
+	public static void deleteCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, String cookieName) {
+		setCookie(httpReq, httpResp, cookieName, "", 0);
+		
+	}
+}
-- 
cgit v1.2.3