restored methods to handle SameSite cookie header, but without using separate class

Author: TheTechsTech

Http/SetCookie.php

@@ -24,6 +24,8 @@ class SetCookie
     private $secure = false;
     /** @var bool */
     private $httpOnly = false;
+    /** @var string|null */
+    private $sameSite = null;
 
     private function __construct(string $name, ?string $value = null)
     {
@@ -71,6 +73,11 @@ public function getHttpOnly() : bool
         return $this->httpOnly;
     }
 
+    public function getSameSite() : ?string
+    {
+        return $this->sameSite;
+    }
+
     public function withValue(?string $value = null) : self
     {
         $clone = clone($this);
@@ -169,6 +176,39 @@ public function withHttpOnly(bool $httpOnly = true) : self
         return $clone;
     }
 
+    /**
+     * @throws \InvalidArgumentException If the given SameSite string is neither strict nor lax.
+     */
+    public function withSameSite(string $sameSite = 'lax') : self
+    {
+        $clone = clone($this);
+
+        $lowerCaseSite = \strtolower($sameSite);
+
+        if ($lowerCaseSite === 'strict') {
+            $strict = true;
+        } elseif ($lowerCaseSite === 'lax') {
+            $strict = false;
+        } else {
+            throw new \InvalidArgumentException(\sprintf(
+                'Expected modifier value to be either "strict" or "lax", "%s" given', $sameSite
+            ));
+        }
+
+        $clone->sameSite = ($strict) ? 'Strict' : 'Lax';
+
+        return $clone;
+    }
+
+    public function withoutSameSite() : self
+    {
+        $clone = clone($this);
+
+        $clone->sameSite = null;
+
+        return $clone;
+    }
+
     public function __toString() : string
     {
         $cookieStringParts = [
@@ -181,6 +221,7 @@ public function __toString() : string
         $cookieStringParts = $this->appendFormattedMaxAgePartIfSet($cookieStringParts);
         $cookieStringParts = $this->appendFormattedSecurePartIfSet($cookieStringParts);
         $cookieStringParts = $this->appendFormattedHttpOnlyPartIfSet($cookieStringParts);
+        $cookieStringParts = $this->appendFormattedSameSitePartIfSet($cookieStringParts);
 
         return \implode('; ', $cookieStringParts);
     }
@@ -248,6 +289,9 @@ public static function fromString(string $string) : self
                 case 'httponly':
                     $setCookie = $setCookie->withHttpOnly(true);
                     break;
+                case 'samesite':
+                    $setCookie = $setCookie->withSameSite($attributeValue);
+                    break;
             }
         }
 
@@ -307,4 +351,15 @@ private function appendFormattedHttpOnlyPartIfSet(array $cookieStringParts) : ar
 
         return $cookieStringParts;
     }
+
+    private function appendFormattedSameSitePartIfSet(array $cookieStringParts) : array
+    {
+        if ($this->sameSite === null) {
+            return $cookieStringParts;
+        }
+
+        $cookieStringParts[] = \sprintf('SameSite=%s', $this->sameSite);
+
+        return $cookieStringParts;
+    }
 }

tests/SetCookieTest.php

@@ -14,8 +14,8 @@ public function testFromString(string $cookieString, SetCookie $expectedSetCooki
     {
         $setCookie = SetCookie::fromString($cookieString);
 
-        self::assertEquals($expectedSetCookie, $setCookie);
-        self::assertEquals($cookieString, (string) $setCookie);
+        $this->assertEquals($expectedSetCookie, $setCookie);
+        $this->assertEquals($cookieString, (string) $setCookie);
     }
 
     public function provideParsesFromSetCookieStringData() : array
@@ -110,25 +110,69 @@ public function provideParsesFromSetCookieStringData() : array
                          ->withSecure(true)
                          ->withHttpOnly(true),
             ],
+            [
+                'lu=Rg3vHJZnehYLjVg7qi3bZjzg; Domain=.example.com; Path=/; Expires=Tue, 15 Jan 2013 21:47:38 GMT; Max-Age=500; Secure; HttpOnly; SameSite=Strict',
+                SetCookie::create('lu')
+                         ->withValue('Rg3vHJZnehYLjVg7qi3bZjzg')
+                         ->withExpires(new \DateTime('Tue, 15-Jan-2013 21:47:38 GMT'))
+                         ->withMaxAge(500)
+                         ->withPath('/')
+                         ->withDomain('.example.com')
+                         ->withSecure(true)
+                         ->withHttpOnly(true)
+                         ->withSameSite('strict'),
+            ],
+            [
+                'lu=Rg3vHJZnehYLjVg7qi3bZjzg; Domain=.example.com; Path=/; Expires=Tue, 15 Jan 2013 21:47:38 GMT; Max-Age=500; Secure; HttpOnly; SameSite=Lax',
+                SetCookie::create('lu')
+                         ->withValue('Rg3vHJZnehYLjVg7qi3bZjzg')
+                         ->withExpires(new \DateTime('Tue, 15-Jan-2013 21:47:38 GMT'))
+                         ->withMaxAge(500)
+                         ->withPath('/')
+                         ->withDomain('.example.com')
+                         ->withSecure(true)
+                         ->withHttpOnly(true)
+                         ->withSameSite('lax'),
+            ],
         ];
     }
 
     public function testExpireCookies() : void
     {
         $setCookie = SetCookie::createExpired('expire_immediately');
 
-        self::assertLessThan(\time(), $setCookie->getExpires());
+        $this->assertLessThan(\time(), $setCookie->getExpires());
     }
 
-    public function TestLongLivingCookies() : void
+    public function testLongLivingCookies() : void
     {
         $setCookie = SetCookie::createRememberedForever('remember_forever');
 
         $fourYearsFromNow = (new \DateTime('+4 years'))->getTimestamp();
-        self::assertGreaterThan($fourYearsFromNow, $setCookie->getExpires());
+        $this->assertGreaterThan($fourYearsFromNow, $setCookie->getExpires());
+    }
+
+    public function testSameSite() : void
+    {
+        $setCookie = SetCookie::create('foo', 'bar');
+
+        $this->assertNull($setCookie->getSameSite());
+        $this->assertSame('foo=bar', $setCookie->__toString());
+
+        $setCookie = $setCookie->withSameSite('strict');
+
+        $this->assertEquals('Strict', $setCookie->getSameSite());
+        $this->assertSame('foo=bar; SameSite=Strict', $setCookie->__toString());
+
+        $setCookie = $setCookie->withoutSameSite();
+        $this->assertNull($setCookie->getSameSite());
+        $this->assertSame('foo=bar', $setCookie->__toString());
+
+        $this->expectException(\InvalidArgumentException::class);
+        $setCookie = $setCookie->withSameSite('foo');
     }
 
-    public function TestInvalid() : void
+    public function testInvalid() : void
     {
         $setCookie = SetCookie::create('foo', 'bar');