/// <summary>
/// Stores a value across mulitple cookies using chunkedCookieManager.
/// </summary>
/// <param name="cookieName">The cookie key to write. If null, default cookieName in app.config will be used</param>
/// <param name="value">The value to store</param>
/// <param name="expiryMinutes">Optional. Number of minutes the cookie should exist for</param>
/// <param name="path">Optional. Path for the cookie</param>
public void WriteCookie(string cookieName, string value, int expiryMinutes = 0, string path = "/")
{
try
{
expiryMinutes = expiryMinutes == 0 ? _expiryMinutes : expiryMinutes;
string key = String.IsNullOrEmpty((cookieName ?? String.Empty).Trim()) ? _cookieName : cookieName.Trim();
CookieOptions options = new CookieOptions()
{
Expires = DateTime.UtcNow.AddMinutes(expiryMinutes - _cookieExpirationOffset),
Path = path, //make available to all pages
HttpOnly = true,
Secure = true
};
if (String.Equals("Development", Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT"), StringComparison.OrdinalIgnoreCase))
{
options.Secure = false; //allow cookie to be served/received over HTTP (vs HTTPs)
}
IHttpContextAccessor currentContextAccessor = _serviceProvider.GetInstance <IHttpContextAccessor>();
if ((currentContextAccessor != null) && (currentContextAccessor.HttpContext != null))
{
_chunkingCookieManager.DeleteCookie(currentContextAccessor.HttpContext, key, options);
_chunkingCookieManager.AppendResponseCookie(currentContextAccessor.HttpContext, key, value, options);
}
}
catch (Exception ex)
{
string setBreakPointHere = ex.Message;
}
}
public void SaveTempData(HttpContext context, IDictionary <string, object> values)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
var cookieOptions = new CookieOptions()
{
Domain = string.IsNullOrEmpty(_options.Value.Domain) ? null : _options.Value.Domain,
HttpOnly = true,
Secure = context.Request.IsHttps,
};
SetCookiePath(context, cookieOptions);
var hasValues = (values != null && values.Count > 0);
if (hasValues)
{
var bytes = _tempDataSerializer.Serialize(values);
bytes = _dataProtector.Protect(bytes);
var encodedValue = Base64UrlTextEncoder.Encode(bytes);
_chunkingCookieManager.AppendResponseCookie(context, CookieName, encodedValue, cookieOptions);
}
else
{
_chunkingCookieManager.DeleteCookie(context, CookieName, cookieOptions);
}
}
/// <summary>
/// Loads the temp data from the request.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <returns>The temp data.</returns>
public IDictionary <string, object> LoadTempData(HttpContext context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
if (context.Request.Cookies.ContainsKey(_options.Cookie.Name))
{
// The cookie we use for temp data is user input, and might be invalid in many ways.
//
// Since TempData is a best-effort system, we don't want to throw and get a 500 if the cookie is
// bad, we will just clear it and ignore the exception. The common case that we've identified for
// this is misconfigured data protection settings, which can cause the key used to create the
// cookie to no longer be available.
try
{
var encodedValue = _chunkingCookieManager.GetRequestCookie(context, _options.Cookie.Name);
if (!string.IsNullOrEmpty(encodedValue))
{
var protectedData = WebEncoders.Base64UrlDecode(encodedValue);
var unprotectedData = _dataProtector.Unprotect(protectedData);
var tempData = _tempDataSerializer.Deserialize(unprotectedData);
_logger.TempDataCookieLoadSuccess(_options.Cookie.Name);
return(tempData);
}
}
catch (Exception ex)
{
_logger.TempDataCookieLoadFailure(_options.Cookie.Name, ex);
// If we've failed, we want to try and clear the cookie so that this won't keep happening
// over and over.
if (!context.Response.HasStarted)
{
_chunkingCookieManager.DeleteCookie(context, _options.Cookie.Name, _options.Cookie.Build(context));
}
}
}
_logger.TempDataCookieNotFound(_options.Cookie.Name);
return(new Dictionary <string, object>(StringComparer.OrdinalIgnoreCase));
}
public void DeleteCookie(HttpContext context, string key, CookieOptions options)
{
_cookieManager.DeleteCookie(context, key, options);
var id = GetId(context, key);
if (!string.IsNullOrWhiteSpace(id))
{
var cacheKey = GetKey(key, id);
GetCache(context).Remove(cacheKey);
}
}
public void DeleteChunkedCookieWithOptionsAndResponseCookies_AllDeleted()
{
var chunkingCookieManager = new ChunkingCookieManager();
HttpContext httpContext = new DefaultHttpContext();
httpContext.Request.Headers["Cookie"] = new[]
{
"TestCookie=chunks-7",
"TestCookieC1=abcdefghi",
"TestCookieC2=jklmnopqr",
"TestCookieC3=stuvwxyz0",
"TestCookieC4=123456789",
"TestCookieC5=ABCDEFGHI",
"TestCookieC6=JKLMNOPQR",
"TestCookieC7=STUVWXYZ"
};
var cookieOptions = new CookieOptions()
{
Domain = "foo.com",
Path = "/",
Secure = true,
Extensions = { "extension" }
};
httpContext.Response.Headers[HeaderNames.SetCookie] = new[]
{
"TestCookie=chunks-7; domain=foo.com; path=/; secure; other=extension",
"TestCookieC1=STUVWXYZ; domain=foo.com; path=/; secure",
"TestCookieC2=123456789; domain=foo.com; path=/; secure",
"TestCookieC3=stuvwxyz0; domain=foo.com; path=/; secure",
"TestCookieC4=123456789; domain=foo.com; path=/; secure",
"TestCookieC5=ABCDEFGHI; domain=foo.com; path=/; secure",
"TestCookieC6=JKLMNOPQR; domain=foo.com; path=/; secure",
"TestCookieC7=STUVWXYZ; domain=foo.com; path=/; secure"
};
chunkingCookieManager.DeleteCookie(httpContext, "TestCookie", cookieOptions);
Assert.Equal(8, httpContext.Response.Headers[HeaderNames.SetCookie].Count);
Assert.Equal(new[]
{
"TestCookie=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension",
"TestCookieC1=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension",
"TestCookieC2=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension",
"TestCookieC3=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension",
"TestCookieC4=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension",
"TestCookieC5=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension",
"TestCookieC6=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension",
"TestCookieC7=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=foo.com; path=/; secure; extension"
}, httpContext.Response.Headers[HeaderNames.SetCookie]);
}
public void DeleteCookie(IOwinContext context, string key, CookieOptions options)
{
options.Domain = context.Request.Uri.GetHostWithoutSubDomain();
_chunkingCookieManager.DeleteCookie(context, key, options);
}
public void DeleteCookie(HttpContext context, string key, CookieOptions options)
{
var i = new FourSeven();
_cookieManager.DeleteCookie(context, key, options);
}
public void DeleteCookies()
{
_chunkingCookieManager.DeleteCookie(_httpContext, "TestCookie", _cookieOptions);
_httpContext.Response.Headers[HeaderNames.SetCookie] = StringValues.Empty;
}
public void DeleteCookie(HttpContext context, string key, CookieOptions options)
{
GenericizeDomain(context, options);
manager.DeleteCookie(context, key, options);
}
