Beispiel #1
0
        public async Task Invoke(HttpContext context)
        {
            CaliforniaClientSession clientSession = new CaliforniaClientSession();

            if (context.Request.Cookies.TryGetValue(_serviceOptions.CookieName, out var cookie))
            {
                try
                {
                    JsonConvert.PopulateObject(cookie, clientSession);
                    if (clientSession.Revision < CaliforniaClientSession.TargetRevision)
                    {
                        clientSession.UpdateCaliforniaOptionsCookie(context.Response, _serviceOptions.CookieName);
                    }
                }
                catch (JsonSerializationException)
                {
                    // bad cookie format
                    context.Response.Cookies.Delete(_serviceOptions.CookieName);
                    clientSession = new CaliforniaClientSession();
                }
            }
            context.Features.Set <CaliforniaClientSession>(clientSession);

            await this._next.Invoke(context);
        }
Beispiel #2
0
        public static void UpdateCaliforniaOptionsCookie(this CaliforniaClientSession currentSession, HttpResponse response, string cookieName)
        {
            var updatedCookieValue = MakeCookieValue(currentSession);

            if (!string.IsNullOrEmpty(updatedCookieValue))
            {
                response.Cookies.Append(cookieName, updatedCookieValue,
                                        new CookieOptions
                {
                    Expires  = DateTimeOffset.UtcNow.AddYears(1),
                    SameSite = SameSiteMode.Strict,
                    HttpOnly = false     // TODO security documentation
                });
            }
            else
            {
                response.Cookies.Delete(cookieName);
            }
        }
Beispiel #3
0
 public static string MakeCookieValue(this CaliforniaClientSession currentSession)
 => JsonConvert.SerializeObject(currentSession, new JsonSerializerSettings()
 {
     NullValueHandling = NullValueHandling.Ignore
 });