Skip to content

Commit 4ffd99d

Browse files
vpavicvpavic
committed
Add auto-config for Spring Session cookie serializer
This commit adds support for auto-configuring Spring Session's `DefaultCookieSerializer` using `ServerProperties`.
1 parent 9932f34 commit 4ffd99d

File tree

2 files changed

+120
-1
lines changed

2 files changed

+120
-1
lines changed

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/session/SessionAutoConfiguration.java

Lines changed: 40 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,14 +35,19 @@
3535
import org.springframework.boot.autoconfigure.mongo.MongoAutoConfiguration;
3636
import org.springframework.boot.autoconfigure.session.SessionAutoConfiguration.SessionRepositoryConfiguration;
3737
import org.springframework.boot.autoconfigure.session.SessionAutoConfiguration.SessionRepositoryValidator;
38+
import org.springframework.boot.autoconfigure.web.ServerProperties;
3839
import org.springframework.boot.context.properties.EnableConfigurationProperties;
3940
import org.springframework.context.ApplicationContext;
41+
import org.springframework.context.annotation.Bean;
4042
import org.springframework.context.annotation.Configuration;
4143
import org.springframework.context.annotation.Import;
4244
import org.springframework.context.annotation.ImportSelector;
4345
import org.springframework.core.type.AnnotationMetadata;
4446
import org.springframework.session.Session;
4547
import org.springframework.session.SessionRepository;
48+
import org.springframework.session.web.http.CookieSerializer;
49+
import org.springframework.session.web.http.DefaultCookieSerializer;
50+
import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
4651

4752
/**
4853
* {@link EnableAutoConfiguration Auto-configuration} for Spring Session.
@@ -57,14 +62,48 @@
5762
@Configuration
5863
@ConditionalOnClass(Session.class)
5964
@ConditionalOnWebApplication(type = Type.SERVLET)
60-
@EnableConfigurationProperties(SessionProperties.class)
65+
@EnableConfigurationProperties({ ServerProperties.class, SessionProperties.class })
6166
@AutoConfigureAfter({ DataSourceAutoConfiguration.class, HazelcastAutoConfiguration.class,
6267
JdbcTemplateAutoConfiguration.class, MongoAutoConfiguration.class,
6368
RedisAutoConfiguration.class })
6469
@Import({ SessionRepositoryConfiguration.class, SessionRepositoryValidator.class,
6570
SessionRepositoryFilterConfiguration.class })
6671
public class SessionAutoConfiguration {
6772

73+
private final ServerProperties serverProperties;
74+
75+
public SessionAutoConfiguration(ServerProperties serverProperties) {
76+
this.serverProperties = serverProperties;
77+
}
78+
79+
@Bean
80+
@ConditionalOnMissingBean({ CookieSerializer.class,
81+
HeaderHttpSessionIdResolver.class })
82+
public DefaultCookieSerializer cookieSerializer() {
83+
ServerProperties.Session.Cookie cookie = this.serverProperties.getSession()
84+
.getCookie();
85+
DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();
86+
if (cookie.getName() != null) {
87+
cookieSerializer.setCookieName(cookie.getName());
88+
}
89+
if (cookie.getDomain() != null) {
90+
cookieSerializer.setDomainName(cookie.getDomain());
91+
}
92+
if (cookie.getPath() != null) {
93+
cookieSerializer.setCookiePath(cookie.getPath());
94+
}
95+
if (cookie.getHttpOnly() != null) {
96+
cookieSerializer.setUseHttpOnlyCookie(cookie.getHttpOnly());
97+
}
98+
if (cookie.getSecure() != null) {
99+
cookieSerializer.setUseSecureCookie(cookie.getSecure());
100+
}
101+
if (cookie.getMaxAge() != null) {
102+
cookieSerializer.setCookieMaxAge(cookie.getMaxAge());
103+
}
104+
return cookieSerializer;
105+
}
106+
68107
@Configuration
69108
@ConditionalOnMissingBean(SessionRepository.class)
70109
@Import({ SessionRepositoryImplementationValidator.class,

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/session/SessionAutoConfigurationTests.java

Lines changed: 80 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,9 @@
3232
import org.springframework.session.MapSessionRepository;
3333
import org.springframework.session.SessionRepository;
3434
import org.springframework.session.config.annotation.web.http.EnableSpringHttpSession;
35+
import org.springframework.session.web.http.CookieHttpSessionIdResolver;
36+
import org.springframework.session.web.http.DefaultCookieSerializer;
37+
import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
3538
import org.springframework.session.web.http.SessionRepositoryFilter;
3639
import org.springframework.test.util.ReflectionTestUtils;
3740

@@ -147,6 +150,47 @@ public void filterDispatcherTypesCanBeCustomized() {
147150
});
148151
}
149152

153+
@Test
154+
public void autoConfiguredCookieSerializerConfiguration() {
155+
this.contextRunner.withUserConfiguration(SessionRepositoryConfiguration.class)
156+
.withPropertyValues("server.session.cookie.name=sid").run((context) -> {
157+
DefaultCookieSerializer cookieSerializer = context
158+
.getBean(DefaultCookieSerializer.class);
159+
assertThat(
160+
ReflectionTestUtils.getField(cookieSerializer, "cookieName"))
161+
.isEqualTo("sid");
162+
});
163+
}
164+
165+
@Test
166+
public void userProvidedCookieSerializerConfiguration() {
167+
this.contextRunner
168+
.withUserConfiguration(UserProvidedCookieSerializerConfiguration.class)
169+
.withPropertyValues("server.session.cookie.name=sid").run((context) -> {
170+
DefaultCookieSerializer cookieSerializer = context
171+
.getBean(DefaultCookieSerializer.class);
172+
assertThat(
173+
ReflectionTestUtils.getField(cookieSerializer, "cookieName"))
174+
.isEqualTo("SESSION");
175+
});
176+
}
177+
178+
@Test
179+
public void userProvidedCookieHttpSessionStrategyConfiguration() {
180+
this.contextRunner
181+
.withUserConfiguration(UserProvidedCookieHttpSessionStrategyConfiguration.class)
182+
.run((context) -> assertThat(
183+
context.getBeansOfType(DefaultCookieSerializer.class)).isNotEmpty());
184+
}
185+
186+
@Test
187+
public void userProvidedHeaderHttpSessionStrategyConfiguration() {
188+
this.contextRunner
189+
.withUserConfiguration(UserProvidedHeaderHttpSessionStrategyConfiguration.class)
190+
.run((context) -> assertThat(
191+
context.getBeansOfType(DefaultCookieSerializer.class)).isEmpty());
192+
}
193+
150194
@Configuration
151195
@EnableSpringHttpSession
152196
static class SessionRepositoryConfiguration {
@@ -158,4 +202,40 @@ public MapSessionRepository mySessionRepository() {
158202

159203
}
160204

205+
@Configuration
206+
@EnableSpringHttpSession
207+
static class UserProvidedCookieSerializerConfiguration
208+
extends SessionRepositoryConfiguration {
209+
210+
@Bean
211+
public DefaultCookieSerializer myCookieSerializer() {
212+
return new DefaultCookieSerializer();
213+
}
214+
215+
}
216+
217+
@Configuration
218+
@EnableSpringHttpSession
219+
static class UserProvidedCookieHttpSessionStrategyConfiguration
220+
extends SessionRepositoryConfiguration {
221+
222+
@Bean
223+
public CookieHttpSessionIdResolver httpSessionStrategy() {
224+
return new CookieHttpSessionIdResolver();
225+
}
226+
227+
}
228+
229+
@Configuration
230+
@EnableSpringHttpSession
231+
static class UserProvidedHeaderHttpSessionStrategyConfiguration
232+
extends SessionRepositoryConfiguration {
233+
234+
@Bean
235+
public HeaderHttpSessionIdResolver httpSessionStrategy() {
236+
return HeaderHttpSessionIdResolver.xAuthToken();
237+
}
238+
239+
}
240+
161241
}

0 commit comments

Comments
 (0)