Hi Ruwan,
+1 for your suggestion. So we will have two methods to setCookie and
getCookieValue.
setCookie(response, "name", "value", {"max-age" : 4000,
"path" : "/localhost",
"domain" : "localhost",
"httpOnly" : true,
"secure" : true,
"version" : 1,
"comment" : "some comments",
* "encrypt" : true,*
*"sign" : true*
});
getCookieValue(response, "name", *{ "decrypt" : true,*
*"validateSignature" : true }*)
thanks,
Senthalan.
On Tue, May 15, 2018 at 11:17 AM Ruwan Abeykoon <[email protected]> wrote:
> Hi Senthalan,
> It is not good to add too many functions to do the same operation. In JS
> world, we like to do things with the data itself.
>
> instead of setEncryptedCookie
>
> setCookie(response, "name", "value", {"max-age" : 4000,
> "path" : "/localhost",
> "domain" : "localhost",
> "httpOnly" : true,
> "secure" : true,
> "version" : 1,
> "comment" : "some comments", *"encrypted" : true*
>
> });
>
> Cheers,
> Ruwan
>
>
> On Tue, May 15, 2018 at 10:11 AM, Senthalan Kanagalingam <
> [email protected]> wrote:
>
>> Hi all,
>>
>> I am started to work on the $subject. These utility functions can be
>> directly used in script based conditional authentication as javascript
>> methods. Underline implementation will be writen on java in the backend. We
>> have identified following cookie related functions,
>>
>> - setCookie(context/response, name, value, [optional] properties)
>>
>> Sets a cookie named ‘name’ with the value as ‘value’. ‘Properties’ is an
>> optional map that may contain optional attributes such as validityPeriod,
>> path, secure, httpOnly
>>
>> - setEncryptedCookie(context/response, name, value, [optional]
>> properties)
>>
>> Similar to ‘setCookie()’. But the value will be enrypted.
>>
>> - setSignedCookie(context/response, name, value, [optional]
>> properties)
>>
>> Similar to ‘setCookie()’. But the value will be signed.
>>
>> - getCookieValue(context/response, name)
>>
>> Get the plan text cookie value for cookie ‘name’ if present.
>>
>> - getSignedCookieValue(context/response, name)
>>
>> Get the signed cookie value for cookie ‘name’ if present with a valid
>> signature.
>>
>> - getEncryptedCookieValue(context/response, name)
>>
>> Get the encypyed cookie value for cookie ‘name’ if present with valid
>> encrypted data.
>>
>> We have done a POC for the first function. We have used the following JS
>> method signature,
>>
>> setCookie(response, "name", "value", {"max-age" : 4000,
>> "path" : "/localhost",
>> "domain" : "localhost",
>> "httpOnly" : true,
>> "secure" : true,
>> "version" : 1,
>> "comment" : "some comments"
>> });
>> if anyone didn't want the propeties, they can use {} or null.
>>
>> Your comments and feedback related to these identified functions and
>> signature are highly appreciated.
>>
>> thanks,
>> Senthalan.
>> --
>>
>> *Senthalan Kanagalingam*
>> *Software Engineer - WSO2 Inc.*
>> *Mobile : +94 (0) 77 18 77 466*
>> <http://wso2.com/signature>
>>
>> _______________________________________________
>> Architecture mailing list
>> [email protected]
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
>
> *Ruwan Abeykoon*
> *Associate Director/Architect**,*
> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> *
> *lean.enterprise.middleware.*
>
>
--
*Senthalan Kanagalingam*
*Software Engineer - WSO2 Inc.*
*Mobile : +94 (0) 77 18 77 466*
<http://wso2.com/signature>
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
