/// <summary>
/// Creates a session cookie meant to be used to hold the generated JSON Web Token and appends it to the response.
/// </summary>
/// <param name="cookieValue">The cookie value.</param>
private void CreateJwtCookieAndAppendToResponse(string cookieValue)
{
CookieBuilder cookieBuilder = new RequestPathBaseCookieBuilder
{
Name = _generalSettings.JwtCookieName,
//// To support OAuth authentication, a lax mode is required, see https://github.com/aspnet/Security/issues/1231.
SameSite = SameSiteMode.Lax,
HttpOnly = true,
SecurePolicy = CookieSecurePolicy.Always,
IsEssential = true,
Domain = _generalSettings.HostName
};
CookieOptions cookieOptions = cookieBuilder.Build(HttpContext);
ICookieManager cookieManager = new ChunkingCookieManager();
cookieManager.AppendResponseCookie(
HttpContext,
cookieBuilder.Name,
cookieValue,
cookieOptions);
ApplyHeaders();
}
/// <summary>
/// Creates a session cookie meant to be used to hold the generated JSON Web Token and appends it to the response.
/// </summary>
/// <param name="cookieValue">The cookie value.</param>
private void CreateJwtCookieAndAppendToResponse(string cookieValue)
{
CookieBuilder cookieBuilder = new RequestPathBaseCookieBuilder
{
Name = "AltinnStudioRuntime",
SameSite = SameSiteMode.Lax,
HttpOnly = true,
SecurePolicy = CookieSecurePolicy.None,
IsEssential = true,
Domain = _generalSettings.HostName,
Expiration = new TimeSpan(0, 1337, 0)
};
CookieOptions cookieOptions = cookieBuilder.Build(HttpContext);
ICookieManager cookieManager = new ChunkingCookieManager();
cookieManager.AppendResponseCookie(
HttpContext,
cookieBuilder.Name,
cookieValue,
cookieOptions);
}