1919import javax .servlet .http .Cookie ;
2020
2121import org .springframework .lang .Nullable ;
22+ import org .springframework .util .Assert ;
2223
2324/**
24- * A {@code Cookie} subclass with the additional cookie directives as defined in the
25+ * Extension of {@code Cookie} with extra directives, as defined in
2526 * <a href="https://tools.ietf.org/html/rfc6265">RFC 6265</a>.
2627 *
2728 * @author Vedran Pavic
@@ -31,96 +32,84 @@ public class MockCookie extends Cookie {
3132
3233 private static final long serialVersionUID = 4312531139502726325L ;
3334
35+
3436 @ Nullable
3537 private String sameSite ;
3638
39+
3740 /**
38- * Constructs a {@code MockCookie} instance with the specified name and value.
39- *
40- * @param name the cookie name
41- * @param value the cookie value
41+ * Constructor with the cookie name and value.
42+ * @param name the name
43+ * @param value the value
4244 * @see Cookie#Cookie(String, String)
4345 */
4446 public MockCookie (String name , String value ) {
4547 super (name , value );
4648 }
4749
50+
51+ /**
52+ * Add the "SameSite" attribute to the cookie.
53+ * <p>This limits the scope of the cookie such that it will only be attached
54+ * to same site requests if {@code "Strict"} or cross-site requests if
55+ * {@code "Lax"}.
56+ * @see <a href="https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis#section-4.1.2.7">RFC6265 bis</a>
57+ */
58+ public void setSameSite (@ Nullable String sameSite ) {
59+ this .sameSite = sameSite ;
60+ }
61+
62+ /**
63+ * Return the "SameSite" attribute, or {@code null} if not set.
64+ */
65+ @ Nullable
66+ public String getSameSite () {
67+ return this .sameSite ;
68+ }
69+
70+
4871 /**
49- * Factory method create {@code MockCookie} instance from Set-Cookie header value.
50- *
51- * @param setCookieHeader the Set-Cookie header value
52- * @return the created cookie instance
72+ * Factory method that parses the value of a "Set-Cookie" header.
73+ * @param setCookieHeader the "Set-Cookie" value
74+ * @return the created cookie
5375 */
5476 public static MockCookie parse (String setCookieHeader ) {
5577 String [] cookieParts = setCookieHeader .split ("\\ s*=\\ s*" , 2 );
56- if (cookieParts .length != 2 ) {
57- throw new IllegalArgumentException ("Invalid Set-Cookie header value" );
58- }
78+ Assert .isTrue (cookieParts .length == 2 , "Invalid Set-Cookie header value" );
79+
5980 String name = cookieParts [0 ];
6081 String [] valueAndDirectives = cookieParts [1 ].split ("\\ s*;\\ s*" , 2 );
6182 String value = valueAndDirectives [0 ];
6283 String [] directives = valueAndDirectives [1 ].split ("\\ s*;\\ s*" );
63- String domain = null ;
64- int maxAge = -1 ;
65- String path = null ;
66- boolean secure = false ;
67- boolean httpOnly = false ;
68- String sameSite = null ;
84+
85+ MockCookie cookie = new MockCookie (name , value );
6986 for (String directive : directives ) {
7087 if (directive .startsWith ("Domain" )) {
71- domain = directive . split ( "=" )[ 1 ] ;
88+ cookie . setDomain ( extractDirectiveValue ( directive )) ;
7289 }
7390 else if (directive .startsWith ("Max-Age" )) {
74- maxAge = Integer .parseInt (directive . split ( "=" )[ 1 ] );
91+ cookie . setMaxAge ( Integer .parseInt (extractDirectiveValue ( directive )) );
7592 }
7693 else if (directive .startsWith ("Path" )) {
77- path = directive . split ( "=" )[ 1 ] ;
94+ cookie . setPath ( extractDirectiveValue ( directive )) ;
7895 }
7996 else if (directive .startsWith ("Secure" )) {
80- secure = true ;
97+ cookie . setSecure ( true ) ;
8198 }
8299 else if (directive .startsWith ("HttpOnly" )) {
83- httpOnly = true ;
100+ cookie . setHttpOnly ( true ) ;
84101 }
85102 else if (directive .startsWith ("SameSite" )) {
86- sameSite = directive . split ( "=" )[ 1 ] ;
103+ cookie . setSameSite ( extractDirectiveValue ( directive )) ;
87104 }
88105 }
89- MockCookie cookie = new MockCookie (name , value );
90- if (domain != null ) {
91- cookie .setDomain (domain );
92- }
93- cookie .setMaxAge (maxAge );
94- cookie .setPath (path );
95- cookie .setSecure (secure );
96- cookie .setHttpOnly (httpOnly );
97- cookie .setSameSite (sameSite );
98106 return cookie ;
99107 }
100108
101- /**
102- * Return the cookie "SameSite" attribute, or {@code null} if not set.
103- * <p>
104- * This limits the scope of the cookie such that it will only be attached to same site
105- * requests if {@code "Strict"} or cross-site requests if {@code "Lax"}.
106- *
107- * @see <a href="https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis#section-4.1.2.7">RFC6265 bis</a>
108- */
109- @ Nullable
110- public String getSameSite () {
111- return this .sameSite ;
112- }
113-
114- /**
115- * Add the "SameSite" attribute to the cookie.
116- * <p>
117- * This limits the scope of the cookie such that it will only be attached to same site
118- * requests if {@code "Strict"} or cross-site requests if {@code "Lax"}.
119- *
120- * @see <a href="https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis#section-4.1.2.7">RFC6265 bis</a>
121- */
122- public void setSameSite (@ Nullable String sameSite ) {
123- this .sameSite = sameSite ;
109+ private static String extractDirectiveValue (String directive ) {
110+ String [] nameAndValue = directive .split ("=" );
111+ Assert .isTrue (nameAndValue .length == 2 , () -> "No value in directive: '" + directive + "'" );
112+ return nameAndValue [1 ];
124113 }
125114
126115}
0 commit comments