feat: add support for cookie client

thetutlage · thetutlage · commit bcc81ef51e4f · 2021-07-03T09:55:08.000+05:30
Cookie client exposes the API to define/parse cookies as a client
diff --git a/adonis-typings/container.ts b/adonis-typings/container.ts
@@ -10,13 +10,15 @@
 declare module '@ioc:Adonis/Core/Application' {
   import { RouterContract } from '@ioc:Adonis/Core/Route'
   import { ServerContract } from '@ioc:Adonis/Core/Server'
+  import { CookieClientContract } from '@ioc:Adonis/Core/CookieClient'
   import { RequestConstructorContract } from '@ioc:Adonis/Core/Request'
   import { ResponseConstructorContract } from '@ioc:Adonis/Core/Response'
   import { HttpContextConstructorContract } from '@ioc:Adonis/Core/HttpContext'
 
   export interface ContainerBindings {
     'Adonis/Core/Route': RouterContract
     'Adonis/Core/Server': ServerContract
+    'Adonis/Core/CookieClient': CookieClientContract
     'Adonis/Core/Request': RequestConstructorContract
     'Adonis/Core/Response': ResponseConstructorContract
     'Adonis/Core/HttpContext': HttpContextConstructorContract
diff --git a/adonis-typings/cookie-client.ts b/adonis-typings/cookie-client.ts
@@ -0,0 +1,62 @@
+/*
+ * @adonisjs/http-server
+ *
+ * (c) Harminder Virk <virk@adonisjs.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare module '@ioc:Adonis/Core/CookieClient' {
+  export interface CookieClientContract {
+    /**
+     * Encrypt a key value pair to be sent in the cookie header
+     */
+    encrypt(key: string, value: any): string | null
+
+    /**
+     * Sign a key value pair to be sent in the cookie header
+     */
+    sign(key: string, value: any): string | null
+
+    /**
+     * Encode a key value pair to be sent in the cookie header
+     */
+    encode(key: string, value: any): string | null
+
+    /**
+     * Parse the set-cookie header
+     */
+    parse(setCookieHeader: string): {
+      name: string
+      value: any
+      encrypted: boolean
+      signed: boolean
+      path?: string
+      expires?: Date
+      maxAge?: number
+      domain?: string
+      secure?: boolean
+      httpOnly?: boolean
+      sameSite?: 'lax' | 'none' | 'strict'
+    }[]
+
+    /**
+     * Unsign a signed cookie value
+     */
+    unsign(key: string, value: string): any
+
+    /**
+     * Decrypt an encrypted cookie value
+     */
+    decrypt(key: string, value: string): any
+
+    /**
+     * Decode an encoded cookie value
+     */
+    decode(key: string, value: string): any
+  }
+
+  const CookieClient: CookieClientContract
+  export default CookieClient
+}
diff --git a/adonis-typings/index.ts b/adonis-typings/index.ts
@@ -14,3 +14,4 @@
 /// <reference path="./request.ts" />
 /// <reference path="./response.ts" />
 /// <reference path="./route.ts" />
+/// <reference path="./cookie-client.ts" />
diff --git a/package.json b/package.json
@@ -108,6 +108,7 @@
     "pluralize": "^8.0.0",
     "proxy-addr": "^2.0.7",
     "qs": "^6.10.1",
+    "set-cookie-parser": "^2.4.8",
     "tmp-cache": "^1.1.0",
     "type-is": "^1.6.18",
     "vary": "^1.1.2"
diff --git a/providers/HttpServerProvider.ts b/providers/HttpServerProvider.ts
@@ -13,8 +13,6 @@ import { ApplicationContract } from '@ioc:Adonis/Core/Application'
 export default class HttpServerProvider {
   constructor(protected application: ApplicationContract) {}
 
-  public static needsApplication = true
-
   /**
    * Validate server config to ensure we start with sane defaults
    */
@@ -90,6 +88,17 @@ export default class HttpServerProvider {
     })
   }
 
+  /**
+   * Registers the cookie client with the container
+   */
+  protected registerCookieClient() {
+    this.application.container.singleton('Adonis/Core/CookieClient', () => {
+      const { CookieClient } = require('../src/Cookie/Client')
+      const Encryption = this.application.container.resolveBinding('Adonis/Core/Encryption')
+      return new CookieClient(Encryption)
+    })
+  }
+
   /**
    * Registering all bindings
    */
@@ -99,5 +108,6 @@ export default class HttpServerProvider {
     this.registerHttpServer()
     this.registerHTTPContext()
     this.registerRouter()
+    this.registerCookieClient()
   }
 }
diff --git a/src/Cookie/Client/index.ts b/src/Cookie/Client/index.ts
@@ -0,0 +1,111 @@
+/*
+ * @adonisjs/http-server
+ *
+ * (c) Harminder Virk <virk@adonisjs.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/// <reference path="../../../adonis-typings/index.ts" />
+
+import setCookieParser from 'set-cookie-parser'
+import { EncryptionContract } from '@ioc:Adonis/Core/Encryption'
+import { CookieClientContract } from '@ioc:Adonis/Core/CookieClient'
+
+import * as PlainCookie from '../Drivers/Plain'
+import * as SignedCookie from '../Drivers/Signed'
+import * as EncryptedCookie from '../Drivers/Encrypted'
+
+/**
+ * Cookie client exposes the API to parse/set AdonisJS
+ * cookies as a client.
+ */
+export class CookieClient implements CookieClientContract {
+  constructor(private encryption: EncryptionContract) {}
+
+  /**
+   * Encrypt a key value pair to be sent in the cookie header
+   */
+  public encrypt(key: string, value: any): string | null {
+    return EncryptedCookie.pack(key, value, this.encryption)
+  }
+
+  /**
+   * Sign a key value pair to be sent in the cookie header
+   */
+  public sign(key: string, value: any): string | null {
+    return SignedCookie.pack(key, value, this.encryption)
+  }
+
+  /**
+   * Encode a key value pair to be sent in the cookie header
+   */
+  public encode(_: string, value: any): string | null {
+    return PlainCookie.pack(value)
+  }
+
+  /**
+   * Unsign a signed cookie value
+   */
+  public unsign(key: string, value: string) {
+    return SignedCookie.canUnpack(value) ? SignedCookie.unpack(key, value, this.encryption) : null
+  }
+
+  /**
+   * Decrypt an encrypted cookie value
+   */
+  public decrypt(key: string, value: string) {
+    return EncryptedCookie.canUnpack(value)
+      ? EncryptedCookie.unpack(key, value, this.encryption)
+      : null
+  }
+
+  /**
+   * Decode an encoded cookie value
+   */
+  public decode(_: string, value: string) {
+    return PlainCookie.canUnpack(value) ? PlainCookie.unpack(value) : null
+  }
+
+  /**
+   * Parses the set-cookie header and returns an
+   * array of parsed cookies
+   */
+  public parse(setCookieHeader: string) {
+    const cookies = setCookieParser(setCookieHeader)
+
+    return cookies.map((cookie: any) => {
+      cookie.encrypted = false
+      cookie.signed = false
+      const value = cookie.value
+
+      /**
+       * Unsign signed cookie
+       */
+      if (SignedCookie.canUnpack(value)) {
+        cookie.value = SignedCookie.unpack(cookie.name, value, this.encryption)
+        cookie.signed = true
+        return cookie
+      }
+
+      /**
+       * Decrypted encrypted cookie
+       */
+      if (EncryptedCookie.canUnpack(value)) {
+        cookie.value = EncryptedCookie.unpack(cookie.name, value, this.encryption)
+        cookie.encrypted = true
+        return cookie
+      }
+
+      /**
+       * Decode encoded cookie
+       */
+      if (PlainCookie.canUnpack(value)) {
+        cookie.value = PlainCookie.unpack(value)
+      }
+
+      return cookie
+    })
+  }
+}
diff --git a/src/Cookie/Parser/index.ts b/src/Cookie/Parser/index.ts
@@ -10,9 +10,7 @@
 import cookie from 'cookie'
 import { EncryptionContract } from '@ioc:Adonis/Core/Encryption'
 
-import * as PlainCookie from '../Drivers/Plain'
-import * as SignedCookie from '../Drivers/Signed'
-import * as EncryptedCookie from '../Drivers/Encrypted'
+import { CookieClient } from '../Client'
 
 /**
  * Cookie parser parses the HTTP `cookie` header and collects all cookies
@@ -25,6 +23,8 @@ import * as EncryptedCookie from '../Drivers/Encrypted'
  * server.
  */
 export class CookieParser {
+  private client = new CookieClient(this.encryption)
+
   /**
    * A copy of cached cookies, they are cached during a request after
    * initial decoding, unsigning or decrypting.
@@ -96,7 +96,7 @@ export class CookieParser {
      * Attempt to unpack and cache it for future. The value is only
      * when value it is not null.
      */
-    const parsed = PlainCookie.canUnpack(value) ? PlainCookie.unpack(value) : null
+    const parsed = this.client.decode(key, value)
     if (parsed !== null) {
       cacheObject[key] = parsed
     }
@@ -135,10 +135,7 @@ export class CookieParser {
      * Attempt to unpack and cache it for future. The value is only
      * when value it is not null.
      */
-    const parsed = SignedCookie.canUnpack(value)
-      ? SignedCookie.unpack(key, value, this.encryption)
-      : null
-
+    const parsed = this.client.unsign(key, value)
     if (parsed !== null) {
       cacheObject[key] = parsed
     }
@@ -177,10 +174,7 @@ export class CookieParser {
      * Attempt to unpack and cache it for future. The value is only
      * when value it is not null.
      */
-    const parsed = EncryptedCookie.canUnpack(value)
-      ? EncryptedCookie.unpack(key, value, this.encryption)
-      : null
-
+    const parsed = this.client.decrypt(key, value)
     if (parsed !== null) {
       cacheObject[key] = parsed
     }
diff --git a/src/Cookie/Serializer/index.ts b/src/Cookie/Serializer/index.ts
@@ -12,16 +12,16 @@ import cookie, { CookieSerializeOptions } from 'cookie'
 import { CookieOptions } from '@ioc:Adonis/Core/Response'
 import { EncryptionContract } from '@ioc:Adonis/Core/Encryption'
 
-import * as PlainCookie from '../Drivers/Plain'
-import * as SignedCookie from '../Drivers/Signed'
-import * as EncryptedCookie from '../Drivers/Encrypted'
+import { CookieClient } from '../Client'
 
 /**
  * Cookies serializer is used to serialize a value to be set on the `Set-Cookie`
  * header. You can `encode`, `sign` on `encrypt` cookies using the serializer
  * and then set them individually using the `set-cookie` header.
  */
 export class CookieSerializer {
+  private client = new CookieClient(this.encryption)
+
   constructor(private encryption: EncryptionContract) {}
 
   /**
@@ -59,7 +59,7 @@ export class CookieSerializer {
    * ```
    */
   public encode(key: string, value: any, options?: Partial<CookieOptions>): string | null {
-    const packedValue = PlainCookie.pack(value)
+    const packedValue = this.client.encode(key, value)
     if (packedValue === null) {
       return null
     }
@@ -72,7 +72,7 @@ export class CookieSerializer {
    * has a verification hash attached to it to detect data tampering.
    */
   public sign(key: string, value: any, options?: Partial<CookieOptions>): string | null {
-    const packedValue = SignedCookie.pack(key, value, this.encryption)
+    const packedValue = this.client.sign(key, value)
     if (packedValue === null) {
       return null
     }
@@ -84,10 +84,11 @@ export class CookieSerializer {
    * Encrypts the value and returns it back as a url safe string.
    */
   public encrypt(key: string, value: any, options?: Partial<CookieOptions>): string | null {
-    const packedValue = EncryptedCookie.pack(key, value, this.encryption)
+    const packedValue = this.client.encrypt(key, value)
     if (packedValue === null) {
       return null
     }
+
     return this.serializeAsCookie(key, packedValue, options)
   }
 }
diff --git a/test/cookie-client.spec.ts b/test/cookie-client.spec.ts
@@ -0,0 +1,36 @@
+/*
+ * @adonisjs/http-server
+ *
+ * (c) Harminder Virk <virk@adonisjs.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+import test from 'japa'
+import { encryption } from '../test-helpers'
+import { CookieClient } from '../src/Cookie/Client'
+
+test.group('Cookie Client', () => {
+  test('sign cookie using cookie client', async (assert) => {
+    const client = new CookieClient(encryption)
+    const signed = client.sign('user_id', 1)!
+
+    assert.isTrue(signed.startsWith('s:'))
+    assert.equal(client.unsign('user_id', signed), 1)
+  })
+
+  test('encrypt cookie using cookie client', async (assert) => {
+    const client = new CookieClient(encryption)
+    const encrypted = client.encrypt('user_id', 1)!
+
+    assert.isTrue(encrypted.startsWith('e:'))
+    assert.equal(client.decrypt('user_id', encrypted), 1)
+  })
+
+  test('encode cookie using cookie client', async (assert) => {
+    const client = new CookieClient(encryption)
+    const encoded = client.encode('user_id', 1)!
+    assert.equal(client.decode('user_id', encoded), 1)
+  })
+})
diff --git a/test/http-server-provider.spec.ts b/test/http-server-provider.spec.ts
@@ -15,6 +15,7 @@ import { Request } from '../src/Request'
 import { Response } from '../src/Response'
 import { fs, setupApp } from '../test-helpers'
 import { HttpContext } from '../src/HttpContext'
+import { CookieClient } from '../src/Cookie/Client'
 import { MiddlewareStore } from '../src/MiddlewareStore'
 
 test.group('Http Server Provider', (group) => {
@@ -29,6 +30,7 @@ test.group('Http Server Provider', (group) => {
     assert.deepEqual(app.container.use('Adonis/Core/Request'), Request)
     assert.deepEqual(app.container.use('Adonis/Core/Response'), Response)
     assert.instanceOf(app.container.use('Adonis/Core/Server'), Server)
+    assert.instanceOf(app.container.use('Adonis/Core/CookieClient'), CookieClient)
     assert.deepEqual(app.container.use('Adonis/Core/MiddlewareStore'), MiddlewareStore)
     assert.deepEqual(app.container.use('Adonis/Core/HttpContext'), HttpContext)
   })
