http4k-security-oauth/org.http4k.security/InsecureCookieBasedOAuthPersistence

InsecureCookieBasedOAuthPersistence

class InsecureCookieBasedOAuthPersistence(cookieNamePrefix: String, cookieValidity: Duration = Duration.ofDays(1), clock: Clock = Clock.systemUTC()) : OAuthPersistence

This is an example implementation which stores CSRF and AccessToken values in an INSECURE client-side cookie. Access-tokens for end-services are fully available to the browser so do not use this in production!

Constructors

Link copied to clipboard
constructor(cookieNamePrefix: String, cookieValidity: Duration = Duration.ofDays(1), clock: Clock = Clock.systemUTC())

Functions

Link copied to clipboard
open override fun assignCsrf(redirect: Response, csrf: CrossSiteRequestForgeryToken): Response

Assign a CSRF token to this OAuth auth redirection (to the end-service) response. Opportunity here to modify the response returned to the user when the redirection happens.

Link copied to clipboard
open override fun assignNonce(redirect: Response, nonce: Nonce): Response

Assign a nonce to this OIDC auth redirection (to the end-service) response. Opportunity here to modify the response returned to the user when the redirection happens.

Link copied to clipboard
open override fun assignOriginalUri(redirect: Response, originalUri: Uri): Response

opportunity to store the uri that the request was made before authentication this will then be redirected back to after auth

Link copied to clipboard
open override fun assignPkce(redirect: Response, pkce: PkceChallengeAndVerifier): Response
Link copied to clipboard
open override fun assignToken(request: Request, redirect: Response, accessToken: AccessToken, idToken: IdToken?): Response

Assign the swapped AccessToken (and optional IdToken) returned by the end-service. Opportunity here to modify the response returned to the user when the redirection happens.

Link copied to clipboard
open override fun authFailureResponse(reason: OAuthCallbackError): Response

Build the default failure response which occurs when a failure occurs during the callback process (eg. a mismatch/missing CSRF or failure occurring when calling into the end-service for the access-token.

Link copied to clipboard
open override fun retrieveCsrf(request: Request): CrossSiteRequestForgeryToken?

Retrieve the stored CSRF token for this user request

Link copied to clipboard
open override fun retrieveNonce(request: Request): Nonce?

Retrieve the stored nonce token for this user request

Link copied to clipboard
open override fun retrieveOriginalUri(request: Request): Uri?

Retrieve the stored original uri for this user request

Link copied to clipboard
open override fun retrievePkce(request: Request): PkceChallengeAndVerifier?
Link copied to clipboard
open override fun retrieveToken(request: Request): AccessToken?

Retrieve the stored AccessToken token for this user request