From 32bb677e26006776d3f70c4c874d4b70805b5488 Mon Sep 17 00:00:00 2001 From: CrazyLionLi <31852897+JavaLionLi@users.noreply.github.com> Date: Fri, 24 Sep 2021 11:37:38 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=201.2K=20star=E7=9A=84?= =?UTF-8?q?=E5=BC=80=E6=BA=90=E9=A1=B9=E7=9B=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- sa-token-doc/doc/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sa-token-doc/doc/README.md b/sa-token-doc/doc/README.md index 1968ecc9..732eedef 100644 --- a/sa-token-doc/doc/README.md +++ b/sa-token-doc/doc/README.md @@ -143,6 +143,8 @@ StpUtil.switchTo(10044); // 将当前会话身份临时切换 - **[ easy-admin ]**:[一个基于SpringBoot2 + Sa-Token + Mybatis-Plus + Snakerflow + Layui 的后台管理系统,灵活多变可前后端分离,也可单体,内置代码生成器、权限管理、工作流引擎等](https://gitee.com/lakernote/easy-admin) +- **[ RuoYi-Vue-Plus ]**:[基于RuoYi-Vue集成 SaToken+Lombok+Mybatis-Plus+Undertow+knife4j+Hutool+Feign 重写所有原生业务 定期与RuoYi-Vue同步](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/tree/satoken/) + 如果您的项目使用了Sa-Token,欢迎提交pr ## 友情链接 From 7acf5e9790b22841e1404ca13a9bf2023c274462 Mon Sep 17 00:00:00 2001 From: ooknight Date: Mon, 27 Sep 2021 01:09:30 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E5=A2=9E=E5=8A=A0Cookie=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E6=80=A7,=E6=94=AF=E6=8C=81=E8=AE=BE=E7=BD=AECookie=E7=9A=84Ht?= =?UTF-8?q?tpOnly=E5=92=8CSecure=E5=B1=9E=E6=80=A7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dev33/satoken/config/SaTokenConfig.java | 42 ++++++++++++++++++- .../satoken/context/model/SaResponse.java | 12 +++--- .../java/cn/dev33/satoken/stp/StpLogic.java | 4 +- .../reactor/model/SaResponseForReactor.java | 27 ++++++------ .../servlet/model/SaResponseForServlet.java | 8 ++-- .../solon/model/SaResponseForSolon.java | 2 +- 6 files changed, 70 insertions(+), 25 deletions(-) 
diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java b/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java index ec6a42cc..b6598f91 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java @@ -41,6 +41,12 @@ public class SaTokenConfig implements Serializable { /** 是否尝试从cookie里读取token */ private Boolean isReadCookie = true; + /** 使用Cookie时,是否为HttpOnly */ + private Boolean isCookieHttpOnly = false; + + /** 使用Cookie时,是否为Secure */ + private Boolean isCookieSecure = false; + /** token风格(默认可取值:uuid、simple-uuid、random-32、random-64、random-128、tik) */ private String tokenStyle = "uuid"; @@ -220,6 +226,38 @@ public class SaTokenConfig implements Serializable { return this; } + /** + * @return 使用Cookie时,是否为HttpOnly + */ + public Boolean getIsCookieHttpOnly() { + return isCookieHttpOnly; + } + + /** + * @param isCookieHttpOnly 使用Cookie时,是否为HttpOnly + * @return 对象自身 + */ + public SaTokenConfig setIsCookieHttpOnly(Boolean isCookieHttpOnly) { + this.isCookieHttpOnly = isCookieHttpOnly; + return this; + } + + /** + * @return 使用Cookie时,是否为Secure + */ + public Boolean getIsCookieSecure() { + return isCookieSecure; + } + + /** + * @param isCookieSecure 使用Cookie时,是否为Secure + * @return 对象自身 + */ + public SaTokenConfig setIsCookieSecure(Boolean isCookieSecure) { + this.isCookieSecure = isCookieSecure; + return this; + } + /** * @return token风格(默认可取值:uuid、simple-uuid、random-32、random-64、random-128、tik) */ 
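Review bot: Both new flags default to `false` (`isCookieHttpOnly = false`, `isCookieSecure = false` in the first hunk), so the cookie that carries the login token stays readable from page script and is sent over plain HTTP unless a user explicitly opts in. Since the framework itself reads the token server-side (the cookie is not something the front end needs to read), `HttpOnly` would be the safer default; if the default has to stay `false` for compatibility, the field Javadoc should say so explicitly, e.g. `/** When the token is written as a cookie, whether it is HttpOnly. Defaults to false for compatibility; set true so page script cannot read the token. */` and the same pattern for `isCookieSecure` ("only sent over HTTPS"). Neither attribute limits cross-site sending of the cookie, so it may be worth noting in the same Javadoc that a SameSite setting is not exposed here.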
@@ -433,7 +471,9 @@ public class SaTokenConfig implements Serializable { public String toString() { return "SaTokenConfig [tokenName=" + tokenName + ", timeout=" + timeout + ", activityTimeout=" + activityTimeout + ", isConcurrent=" + isConcurrent + ", isShare=" + isShare + ", isReadBody=" + isReadBody - + ", isReadHead=" + isReadHead + ", isReadCookie=" + isReadCookie + ", tokenStyle=" + tokenStyle + + ", isReadHead=" + isReadHead + ", isReadCookie=" + isReadCookie + + ", isCookieHttpOnly=" + isCookieHttpOnly + ", isCookieSecure=" + isCookieSecure + + ", tokenStyle=" + tokenStyle + ", dataRefreshPeriod=" + dataRefreshPeriod + ", tokenSessionCheckLogin=" + tokenSessionCheckLogin + ", autoRenew=" + autoRenew + ", cookieDomain=" + cookieDomain + ", tokenPrefix=" + tokenPrefix + ", isPrint=" + isPrint + ", isLog=" + isLog + ", jwtSecretKey=" + jwtSecretKey + ", idTokenTimeout=" diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java b/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java index fa4de08b..c66245ce 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/context/model/SaResponse.java @@ -18,21 +18,23 @@ public interface SaResponse { * @param name Cookie名称 */ public void deleteCookie(String name); - + /** - * 写入指定Cookie + * 写入指定Cookie * @param name Cookie名称 * @param value Cookie值 * @param path Cookie路径 * @param domain Cookie的作用域 * @param timeout 过期时间 (秒) + * @param isHttpOnly 是否为HttpOnly + * @param isSecure 是否为Secure */ - public void addCookie(String name, String value, String path, String domain, int timeout); + public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure); /** - * 设置响应状态码 + * 设置响应状态码 * @param sc 响应状态码 - * @return 对象自身 + * @return 对象自身 */ public SaResponse setStatus(int sc); 
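Review bot: Replacing the abstract five-argument `addCookie` in `SaResponse` with the seven-argument one breaks every implementation of the interface outside this repository at compile time. If the project targets Java 8 or later, keeping the old shape as a default overload avoids that: `default void addCookie(String name, String value, String path, String domain, int timeout) { addCookie(name, value, path, domain, timeout, false, false); }`. The new `@param` tags should also tell implementers what the flags must do, e.g. `@param isHttpOnly whether the cookie is hidden from document.cookie (HttpOnly attribute)` and `@param isSecure whether the cookie is only sent over HTTPS (Secure attribute)`.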
diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java index 87ed101b..6d1d9739 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java @@ -109,9 +109,9 @@ public class StpLogic { } // 注入Cookie - if(config.getIsReadCookie()){ + if (config.getIsReadCookie()) { SaResponse response = SaHolder.getResponse(); - response.addCookie(getTokenName(), tokenValue, "/", config.getCookieDomain(), cookieTimeout); + response.addCookie(getTokenName(), tokenValue, "/", config.getCookieDomain(), cookieTimeout, config.getIsCookieHttpOnly(), config.getIsCookieSecure()); } } diff --git a/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java b/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java index 7c4a3965..56cf39f9 100644 --- a/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java +++ b/sa-token-starter/sa-token-reactor-spring-boot-starter/src/main/java/cn/dev33/satoken/reactor/model/SaResponseForReactor.java 
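Review bot: `config.getIsCookieHttpOnly()` and `config.getIsCookieSecure()` return `Boolean` (the config fields are declared `Boolean` and their setters accept `Boolean`) but are passed straight into `boolean` parameters, so a null value — a setter called with null, or property binding that leaves the field unset — makes login throw a NullPointerException at this call. Null-safe unboxing avoids that: `config.getIsReadCookie()` aside, the new arguments can be written as `Boolean.TRUE.equals(config.getIsCookieHttpOnly()), Boolean.TRUE.equals(config.getIsCookieSecure())`. The enclosing method starts before this hunk, so whether the other config reads above are guarded cannot be seen here.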
@@ -43,34 +43,35 @@ public class SaResponseForReactor implements SaResponse { */ @Override public void deleteCookie(String name) { - addCookie(name, null, null, null, 0); + addCookie(name, null, null, null, 0, false, false); } /** - * 写入指定Cookie + * 写入指定Cookie */ @Override - public void addCookie(String name, String value, String path, String domain, int timeout) { - + public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure) { // 构建CookieBuilder ResponseCookieBuilder builder = ResponseCookie.from(name, value) - .domain(domain) - .path(path) - .maxAge(timeout) + .domain(domain) + .path(path) + .maxAge(timeout) + .httpOnly(isHttpOnly) + .secure(isHttpOnly) ; - - // set path + + // set path if(SaFoxUtil.isEmpty(path) == true) { path = "/"; } builder.path(path); - - // set domain + + // set domain if(SaFoxUtil.isEmpty(domain) == false) { builder.domain(domain); } - - // 写入Cookie + + // 写入Cookie response.addCookie(builder.build()); } diff --git a/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java b/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java index c77588bc..d123cdc7 100644 --- a/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java +++ b/sa-token-starter/sa-token-servlet/src/main/java/cn/dev33/satoken/servlet/model/SaResponseForServlet.java 
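Review bot: `.secure(isHttpOnly)` in the builder chain uses the wrong flag: the new `isSecure` parameter is never read, so in the reactor starter the Secure attribute follows the HttpOnly setting — `isCookieSecure=true` alone yields a cookie without Secure, while `isCookieHttpOnly=true` forces Secure and browsers will drop the cookie on plain-HTTP deployments. The line should be `.secure(isSecure)`. Separately, the `.domain(domain).path(path)` calls in the chain are overwritten by the `builder.path(path)` / `builder.domain(domain)` calls below them, so the chain could be reduced to `.maxAge(timeout).httpOnly(isHttpOnly).secure(isSecure)` for clarity (that redundancy predates this commit).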
@@ -42,14 +42,14 @@ public class SaResponseForServlet implements SaResponse { */ @Override public void deleteCookie(String name) { - addCookie(name, null, null, null, 0); + addCookie(name, null, null, null, 0, false, false); } /** - * 写入指定Cookie + * 写入指定Cookie */ @Override - public void addCookie(String name, String value, String path, String domain, int timeout) { + public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure) { Cookie cookie = new Cookie(name, value); if(SaFoxUtil.isEmpty(path) == true) { path = "/"; @@ -59,6 +59,8 @@ public class SaResponseForServlet implements SaResponse { } cookie.setPath(path); cookie.setMaxAge(timeout); + cookie.setHttpOnly(isHttpOnly); + cookie.setSecure(isSecure); response.addCookie(cookie); } diff --git a/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java b/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java index 583a4db0..5f7f2101 100644 --- a/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java +++ b/sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/model/SaResponseForSolon.java @@ -28,7 +28,7 @@ public class SaResponseForSolon implements SaResponse { } @Override - public void addCookie(String name, String value, String path, String domain, int timeout) { + public void addCookie(String name, String value, String path, String domain, int timeout, boolean isHttpOnly, boolean isSecure) { if (Utils.isNotEmpty(path)) { path = "/"; }
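Review bot: In the Solon implementation only the `addCookie` signature changes; the diffstat shows one insertion and one deletion for `SaResponseForSolon.java`, so `isHttpOnly` and `isSecure` are accepted and then ignored, and the new `isCookieHttpOnly`/`isCookieSecure` settings silently have no effect on Solon deployments. The rest of the method body lies outside the hunk, so the flags should be applied there with Solon's cookie API, or the gap documented on the class, e.g. `// TODO: HttpOnly/Secure flags are not yet applied in the Solon adapter`. The visible `if (Utils.isNotEmpty(path)) { path = "/"; }` also appears inverted relative to the servlet and reactor versions, which default only an empty path to `/`; that behaviour predates this commit but is worth checking while this method is being touched.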