/// <summary>
/// Builds the session cookie that carries the generated JSON Web Token and writes it to the current response.
/// </summary>
/// <remarks>
/// No expiration is configured on the builder, so no explicit lifetime is attached to the cookie here.
/// The value is written through a <see cref="ChunkingCookieManager"/>.
/// </remarks>
/// <param name="cookieValue">The cookie value.</param>
private void CreateJwtCookieAndAppendToResponse(string cookieValue)
{
    CookieBuilder jwtCookie = new RequestPathBaseCookieBuilder
    {
        Name = _generalSettings.JwtCookieName,

        // To support OAuth authentication, a lax mode is required, see https://github.com/aspnet/Security/issues/1231.
        SameSite = SameSiteMode.Lax,

        // The token must not be readable from client-side script.
        HttpOnly = true,

        // The token is a bearer credential, so the cookie is always marked Secure.
        SecurePolicy = CookieSecurePolicy.Always,
        IsEssential = true,
        Domain = _generalSettings.HostName
    };

    CookieOptions builtOptions = jwtCookie.Build(HttpContext);

    ICookieManager manager = new ChunkingCookieManager();
    manager.AppendResponseCookie(HttpContext, jwtCookie.Name, cookieValue, builtOptions);

    // ApplyHeaders is defined elsewhere in this class; its effect is not visible from this method.
    ApplyHeaders();
}
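/// <summary>
/// Creates the cookie that holds the generated JSON Web Token and appends it to the response.
/// </summary>
/// <remarks>
/// The cookie is given an explicit lifetime of 1337 minutes, so it is a persistent cookie rather than a
/// browser-session cookie. The value is written through a <see cref="ChunkingCookieManager"/>.
/// </remarks>
/// <param name="cookieValue">The cookie value.</param>
private void CreateJwtCookieAndAppendToResponse(string cookieValue)
{
    CookieBuilder cookieBuilder = new RequestPathBaseCookieBuilder
    {
        Name = "AltinnStudioRuntime",
        SameSite = SameSiteMode.Lax,

        // Keep the token out of reach of client-side script.
        HttpOnly = true,

        // The cookie value is a bearer token. CookieSecurePolicy.None never sets the Secure attribute, so the
        // browser would also send the token over plain HTTP. SameAsRequest marks the cookie Secure whenever
        // the request is HTTPS and still works for plain-HTTP development hosts.
        // NOTE(review): if TLS is terminated in front of this application, the request may be seen as HTTP here
        // and the cookie would still lack Secure; in that case process the forwarded scheme or use
        // CookieSecurePolicy.Always.
        SecurePolicy = CookieSecurePolicy.SameAsRequest,
        IsEssential = true,
        Domain = _generalSettings.HostName,

        // 1337 minutes (a little over 22 hours).
        // NOTE(review): confirm this does not outlive the validity period of the token itself.
        Expiration = new TimeSpan(0, 1337, 0)
    };

    CookieOptions cookieOptions = cookieBuilder.Build(HttpContext);

    ICookieManager cookieManager = new ChunkingCookieManager();
    cookieManager.AppendResponseCookie(
        HttpContext,
        cookieBuilder.Name,
        cookieValue,
        cookieOptions);
}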