ad_get_signed_cookie_with_expr (public)

 ad_get_signed_cookie_with_expr \
    [ -include_set_cookies include_set_cookies ] [ -secret secret ] \
    name

Defined in packages/acs-tcl/tcl/security-procs.tcl

Retrieves a signed cookie. Validates a cookie against its cryptographic signature and ensures that the cookie has not expired. Throws an exception when cookie does not exist or validation fails.

Switches:
-include_set_cookies (optional, defaults to "t")
-secret (optional)
Parameters:
name (required)
Returns:
Two-element list containing cookie data and expiration time
See Also:

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_http_get_document sync_http_get_document (test acs-authentication) ad_get_signed_cookie_with_expr ad_get_signed_cookie_with_expr test_sync_http_get_document->ad_get_signed_cookie_with_expr ad_get_cookie ad_get_cookie (public) ad_get_signed_cookie_with_expr->ad_get_cookie ad_verify_signature_with_expr ad_verify_signature_with_expr (public) ad_get_signed_cookie_with_expr->ad_verify_signature_with_expr

Testcases:
sync_http_get_document
Source code:

    set cookie_value [ad_get_cookie -include_set_cookies $include_set_cookies $name]
    if { $cookie_value eq "" || ![string is list $cookie_value]} {
        throw {AD_EXCEPTION NO_COOKIE} {Cookie does not exist}
    }

    lassign $cookie_value value signature
    set expr_time [ad_verify_signature_with_expr -secret $secret $value $signature]

    ns_log Debug "Security: Done calling get_cookie $cookie_value for $name; received $expr_time expiration, getting $value and $signature."

    if { $expr_time } {
        return [list $value $expr_time]
    }

    throw {AD_EXCEPTION INVALID_COOKIE} "Cookie could not be authenticated."
Generic XQL file:
packages/acs-tcl/tcl/security-procs.xql

PostgreSQL XQL file:
packages/acs-tcl/tcl/security-procs-postgresql.xql

Oracle XQL file:
packages/acs-tcl/tcl/security-procs-oracle.xql

[ hide source ] | [ make this the default ]
Show another procedure: