Merge pull request #31 from Pieter-1337/#29-add-cookiesettings

#29 added cookiesettings section to authenticationSettings
fancyDevelopment · Jun 5, 2024 · 1976031 · 1976031
2 parents 0f02404 + 3b288de
commit 1976031
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 0 deletions.
diff --git a/src/Fancy.ResourceLinker.Gateway/Authentication/GatewayAuthentication.cs b/src/Fancy.ResourceLinker.Gateway/Authentication/GatewayAuthentication.cs
@@ -54,10 +54,14 @@ internal static void AddGatewayAuthentication(IServiceCollection services, Gatew
             options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
             options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
         })
+        // Add cookie settings
         .AddCookie(options =>
         {
             options.ExpireTimeSpan = TimeSpan.FromMinutes(settings.SessionTimeoutInMin);
             options.SlidingExpiration = true;
+            options.Cookie.SameSite = settings.CookieSettings.SameSiteStrict == true ? SameSiteMode.Strict : SameSiteMode.Lax;
+            options.Cookie.SecurePolicy = settings.CookieSettings.Secure == true ? CookieSecurePolicy.Always : CookieSecurePolicy.SameAsRequest;
+            options.Cookie.HttpOnly = settings.CookieSettings.HttpOnly;   
         })
         .AddOpenIdConnect(options =>
         {

diff --git a/src/Fancy.ResourceLinker.Gateway/Authentication/GatewayAuthenticationSettings.cs b/src/Fancy.ResourceLinker.Gateway/Authentication/GatewayAuthenticationSettings.cs
@@ -78,6 +78,15 @@ public class GatewayAuthenticationSettings
     /// </value>
     public string? IssuerAddressForSignOut { get; set; }
 
+    /// <summary>
+    /// Gets or sets the cookiesettings.
+    /// </summary>
+    /// <value>
+    /// Set cookiesettings.
+    /// </value>
+    public CookieSettings CookieSettings { get; set; } = new CookieSettings();
+
+
     public void Validate()
     {
         // Check required fields
@@ -97,3 +106,33 @@ public void Validate()
         }
     }
 }
+
+public class CookieSettings
+{
+    /// <summary>
+    /// Gets or sets the SameSite policy
+    /// </summary>
+    /// <value>
+    /// true || Not set == Strict
+    /// false == Lax
+    /// </value>
+    public bool SameSiteStrict { get; set; } = true;
+    ///                   
+    /// <summary>
+    /// Gets or sets the secure flag.
+    /// </summary>
+    /// <value>
+    /// true || Not set == Always
+    /// false == SameAsRequest
+    /// </value>
+    public bool Secure { get; set; } = true;
+    ///                   
+    /// <summary>
+    /// Gets or sets the HttpOnly setting.
+    /// </summary>
+    /// <value>
+    /// true || Not set == true
+    /// false == false
+    /// </value>
+    public bool HttpOnly { get; set; } = true;                 
+}