diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java b/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java
index ec6a42cc..b6598f91 100644
--- a/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java
@@ -41,6 +41,12 @@ public class SaTokenConfig implements Serializable {
 	/** 是否尝试从cookie里读取token */
 	private Boolean isReadCookie = true;
 
+	/** 使用Cookie时,是否为HttpOnly */
+	private Boolean isCookieHttpOnly = false;
+
+	/** 使用Cookie时,是否为Secure */
+	private Boolean isCookieSecure = false;
+
 	/** token风格(默认可取值:uuid、simple-uuid、random-32、random-64、random-128、tik) */
 	private String tokenStyle = "uuid";
 
@@ -220,6 +226,38 @@ public class SaTokenConfig implements Serializable {
 		return this;
 	}
 
+	/**
+	 * @return 使用Cookie时,是否为HttpOnly
+	 */
+	public Boolean getIsCookieHttpOnly() {
+		return isCookieHttpOnly;
+	}
+
+	/**
+	 * @param isCookieHttpOnly 使用Cookie时,是否为HttpOnly
+	 * @return 对象自身
+	 */
+	public SaTokenConfig setIsCookieHttpOnly(Boolean isCookieHttpOnly) {
+		this.isCookieHttpOnly = isCookieHttpOnly;
+		return this;
+	}
+
+	/**
+	 * @return 使用Cookie时,是否为Secure
+	 */
+	public Boolean getIsCookieSecure() {
+		return isCookieSecure;
+	}
+
+	/**
+	 * @param isCookieSecure 使用Cookie时,是否为Secure
+	 * @return 对象自身
+	 */
+	public SaTokenConfig setIsCookieSecure(Boolean isCookieSecure) {
+		this.isCookieSecure = isCookieSecure;
+		return this;
+	}
+
 	/**
 	 * @return token风格(默认可取值:uuid、simple-uuid、random-32、random-64、random-128、tik)
 	 */
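Review bot: Both new fields default to `false`, so out of the box the token cookie stays readable from `document.cookie` and is sent over plain HTTP, and the one-line Javadoc on `isCookieHttpOnly` / `isCookieSecure` does not say so. I would state the consequence in the field comments, e.g. `/** Whether the token cookie is HttpOnly (not readable by page script; recommended) */` and `/** Whether the token cookie is Secure (sent only over HTTPS; recommended in production) */`, and consider `private Boolean isCookieHttpOnly = true;` as the default, since nothing in this hunk shows a need for script access to the token. The setters accept `Boolean` and store `null` unchanged, which the getters then hand straight to callers; the hunk does not normalize that.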
@@ -433,7 +471,9 @@ public class SaTokenConfig implements Serializable {
 	public String toString() {
 		return "SaTokenConfig [tokenName=" + tokenName + ", timeout=" + timeout + ", activityTimeout=" + activityTimeout + ", isConcurrent=" + isConcurrent + ", isShare=" + isShare + ", isReadBody=" + isReadBody
-				+ ", isReadHead=" + isReadHead + ", isReadCookie=" + isReadCookie + ", tokenStyle=" + tokenStyle
+				+ ", isReadHead=" + isReadHead + ", isReadCookie=" + isReadCookie
+				+ ", isCookieHttpOnly=" + isCookieHttpOnly + ", isCookieSecure=" + isCookieSecure
+				+ ", tokenStyle=" + tokenStyle
 				+ ", dataRefreshPeriod=" + dataRefreshPeriod + ", tokenSessionCheckLogin=" + tokenSessionCheckLogin + ", autoRenew=" + autoRenew + ", cookieDomain=" + cookieDomain + ", tokenPrefix=" + tokenPrefix + ", isPrint=" + isPrint + ", isLog=" + isLog + ", jwtSecretKey=" + jwtSecretKey + ", idTokenTimeout="
diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java b/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java
index fa4de08b..c66245ce 100644
--- a/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java
@@ -18,21 +18,23 @@ public interface SaResponse {
 	 * @param name Cookie名称
 	 */
 	public void deleteCookie(String name);
-
+
 	/**
-	 * 写入指定Cookie
+	 * 写入指定Cookie
 	 * @param name Cookie名称
 	 * @param value Cookie值
 	 * @param path Cookie路径
 	 * @param domain Cookie的作用域
 	 * @param timeout 过期时间 (秒)
+	 * @param isHttpOnly 是否为HttpOnly
+	 * @param isSecure 是否为Secure
 	 */
-	public void addCookie(String name, String value, String path, String domain, int timeout);
+	public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure);
 
 	/**
-	 * 设置响应状态码
+	 * 设置响应状态码
 	 * @param sc 响应状态码
-	 * @return 对象自身
+	 * @return 对象自身
 	 */
 	public SaResponse setStatus(int sc);
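Review bot: The rebuilt `toString()` still concatenates `jwtSecretKey` in clear on the last context line, so any log or debug print of the config (the class carries `isPrint` / `isLog` flags) exposes the signing secret. Masking it is a one-line change on that line: `+ ", jwtSecretKey=" + (jwtSecretKey == null ? "null" : "******")`. The method body continues past the end of the hunk.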
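Review bot: Adding two parameters to the abstract `addCookie` changes the `SaResponse` contract, so every third-party implementation of this interface stops compiling until it adds `isHttpOnly` / `isSecure`; that is probably acceptable for this change but should be called out in the release notes. The new `@param` Javadoc should also state what the flags mean to the browser, e.g. `@param isHttpOnly whether the cookie is HttpOnly (not exposed to page script)` and `@param isSecure whether the cookie is Secure (sent only over HTTPS)`, since implementations are expected to pass them through to the cookie unchanged.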
diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java
index 87ed101b..6d1d9739 100644
--- a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java
@@ -109,9 +109,9 @@ public class StpLogic {
 		}
 
 		// 注入Cookie
-		if(config.getIsReadCookie()){
+		if (config.getIsReadCookie()) {
 			SaResponse response = SaHolder.getResponse();
-			response.addCookie(getTokenName(), tokenValue, "/", config.getCookieDomain(), cookieTimeout);
+			response.addCookie(getTokenName(), tokenValue, "/", config.getCookieDomain(), cookieTimeout, config.getIsCookieHttpOnly(), config.getIsCookieSecure());
 		}
 	}
diff --git a/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java b/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java
index 7c4a3965..56cf39f9 100644
--- a/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java
+++ b/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java
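Review bot: `config.getIsCookieHttpOnly()` and `config.getIsCookieSecure()` return `Boolean` and are auto-unboxed into the `boolean` parameters of `addCookie`, so a config whose setter was handed `null` makes login throw a `NullPointerException` on the new line. Either guard here, `Boolean.TRUE.equals(config.getIsCookieHttpOnly()), Boolean.TRUE.equals(config.getIsCookieSecure())`, or reject `null` in the two setters. The enclosing method starts before this hunk.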
@@ -43,34 +43,35 @@ public class SaResponseForReactor implements SaResponse {
 	 */
 	@Override
 	public void deleteCookie(String name) {
-		addCookie(name, null, null, null, 0);
+		addCookie(name, null, null, null, 0, false, false);
 	}
 
 	/**
-	 * 写入指定Cookie
+	 * 写入指定Cookie
 	 */
 	@Override
-	public void addCookie(String name, String value, String path, String domain, int timeout) {
-
+	public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure) {
 		// 构建CookieBuilder
 		ResponseCookieBuilder builder = ResponseCookie.from(name, value)
-				.domain(domain)
-				.path(path)
-				.maxAge(timeout)
+				.domain(domain)
+				.path(path)
+				.maxAge(timeout)
+				.httpOnly(isHttpOnly)
+				.secure(isHttpOnly)
 				;
-
-		// set path
+
+		// set path
 		if(SaFoxUtil.isEmpty(path) == true) {
 			path = "/";
 		}
 		builder.path(path);
-
-		// set domain
+
+		// set domain
 		if(SaFoxUtil.isEmpty(domain) == false) {
 			builder.domain(domain);
 		}
-
-		// 写入Cookie
+
+		// 写入Cookie
 		response.addCookie(builder.build());
 	}
diff --git a/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java b/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java
index c77588bc..d123cdc7 100644
--- a/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java
+++ b/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java
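Review bot: `.secure(isHttpOnly)` wires the Secure attribute to the wrong argument: with `isCookieSecure=true` and `isCookieHttpOnly=false` the reactive starter emits the token cookie without `Secure`, and the opposite combination marks it `Secure` unexpectedly, which browsers then refuse to send over plain HTTP. The line should read `.secure(isSecure)`, matching `cookie.setSecure(isSecure)` in the Servlet implementation of this same commit. Separately, `deleteCookie` still passes `null` for domain while `StpLogic` writes the login cookie with `config.getCookieDomain()`, so when a cookie domain is configured the Max-Age=0 cookie presumably does not match the one being removed.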
@@ -42,14 +42,14 @@ public class SaResponseForServlet implements SaResponse {
 	 */
 	@Override
 	public void deleteCookie(String name) {
-		addCookie(name, null, null, null, 0);
+		addCookie(name, null, null, null, 0, false, false);
 	}
 
 	/**
-	 * 写入指定Cookie
+	 * 写入指定Cookie
 	 */
 	@Override
-	public void addCookie(String name, String value, String path, String domain, int timeout) {
+	public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure) {
 		Cookie cookie = new Cookie(name, value);
 		if(SaFoxUtil.isEmpty(path) == true) {
 			path = "/";
@@ -59,6 +59,8 @@ public class SaResponseForServlet implements SaResponse {
 		}
 		cookie.setPath(path);
 		cookie.setMaxAge(timeout);
+		cookie.setHttpOnly(isHttpOnly);
+		cookie.setSecure(isSecure);
 		response.addCookie(cookie);
 	}
diff --git a/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java b/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java
index 583a4db0..5f7f2101 100644
--- a/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java
+++ b/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java
@@ -28,7 +28,7 @@ public class SaResponseForSolon implements SaResponse {
 	}
 
 	@Override
-	public void addCookie(String name, String value, String path, String domain, int timeout) {
+	public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure) {
 		if (Utils.isNotEmpty(path)) {
 			path = "/";
 		}
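Review bot: `deleteCookie` still calls `addCookie(name, null, null, null, 0, false, false)`, i.e. with no Domain attribute, while `StpLogic` sets the login cookie with `config.getCookieDomain()`; if a cookie domain is configured, the browser treats the Max-Age=0 cookie as a different cookie and the session cookie survives logout. The deletion should reuse the domain (and path) the cookie was written with; with an empty value the two flags matter little here. `cookie.setHttpOnly(isHttpOnly)` / `cookie.setSecure(isSecure)` in the second hunk look correct.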
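Review bot: `if (Utils.isNotEmpty(path)) { path = "/"; }` replaces any non-empty path with `/` and leaves an empty or `null` path untouched, the opposite of the `SaFoxUtil.isEmpty(path) == true` check in the Servlet and Reactor implementations; it looks inverted and should presumably be `if (Utils.isEmpty(path)) {`. The new `isHttpOnly` / `isSecure` parameters are not used in the lines shown; the rest of the method lies outside this hunk, so please confirm they are applied to the Solon cookie there rather than silently dropped.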