From d1c84d52617db552c90d77e2dd63888e61a6b8bb Mon Sep 17 00:00:00 2001 From: Valentin CZERYBA Date: Tue, 19 Jul 2022 23:36:57 +0200 Subject: [PATCH] add maxages for cookie --- src/main/java/com/covas/Resources/TokenRessource.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/covas/Resources/TokenRessource.java b/src/main/java/com/covas/Resources/TokenRessource.java index 9daf5e3..cd77c7a 100644 --- a/src/main/java/com/covas/Resources/TokenRessource.java +++ b/src/main/java/com/covas/Resources/TokenRessource.java @@ -10,10 +10,13 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.NewCookie; +import javax.ws.rs.core.Cookie; + import javax.ws.rs.core.Response; import com.covas.Classes.Hash; import com.covas.Entity.UsersEntity; +import com.fasterxml.jackson.datatype.jsr310.deser.DurationDeserializer; import io.smallrye.jwt.auth.principal.JWTParser; import io.smallrye.jwt.auth.principal.ParseException; @@ -64,13 +67,15 @@ public class TokenRessource { // or create a JWT token encrypted using the 'A256KW' algorithm // Jwt.upn("alice").encryptWithSecret(secret); String nameEncoded = Base64.toBase64String(name.getBytes(StandardCharsets.UTF_8)); - return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie), new NewCookie("user", nameEncoded)).build(); + return Response.status(Response.Status.CREATED).cookie(new NewCookie(new Cookie("jwt", newJwtCookie), "Token JWT", 60, false), new NewCookie(new Cookie("user", nameEncoded), "Username", 60, false)).build(); } // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. + LOGGER.info(jwtCookie); try { jwt = parser.parse(jwtCookie); } catch(ParseException p){ + LOGGER.info(p); return Response.status(Response.Status.NOT_ACCEPTABLE).build(); } // or jwt = parser.decrypt(jwtCookie, secret);