ad_get_signed_cookie (public)

 ad_get_signed_cookie [ -include_set_cookies include_set_cookies ] \
    [ -secret secret ] name

Defined in packages/acs-tcl/tcl/security-procs.tcl

Retrieves a signed cookie. Validates the cookie against its cryptographic signature and ensures that it has not expired. Throws an exception if the cookie does not exist or if validation fails (possibly due to expiration).

Switches:
-include_set_cookies (optional, defaults to "t")
-secret (optional)
Parameters:
name (required)
Returns:
cookie value

Partial Call Graph (max 5 caller/called nodes):
Called by:
test_set_cookie_procs (test acs-tcl)
Class ::xowiki::includelet::kibana (public)
sec_handler (private)
sec_login_read_cookie (private)
Calls:
ad_get_cookie (public)
ad_verify_signature (public)
security::log (private)

Testcases:
test_set_cookie_procs
Source code:

    set cookie_value [ad_get_cookie -include_set_cookies $include_set_cookies $name]
    if { $cookie_value eq "" || ![string is list $cookie_value]} {
        throw {AD_EXCEPTION NO_COOKIE} {Cookie does not exist}
    }

    lassign $cookie_value value signature
    ::security::log login_cookie "ad_get_signed_cookie: Got signed cookie $name with value $value, signature $signature."

    if { [ad_verify_signature -secret $secret $value $signature] } {
        ::security::log login_cookie "ad_get_signed_cookie: Verification of cookie $name OK"
        return $value
    }

    ::security::log login_cookie "ad_get_signed_cookie: Verification of cookie $name FAILED"
    throw {AD_EXCEPTION INVALID_COOKIE} "Cookie could not be authenticated."
Generic XQL file:
packages/acs-tcl/tcl/security-procs.xql

PostgreSQL XQL file:
packages/acs-tcl/tcl/security-procs-postgresql.xql

Oracle XQL file:
packages/acs-tcl/tcl/security-procs-oracle.xql
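
Caller-side handling of the two exceptions thrown in the source above, as an added example that is not part of OpenACS or of this page's code. The helper name example::read_signed_cookie and the cookie name example_prefs are hypothetical; the code assumes it runs inside an OpenACS request on a server that provides ns_log and ad_conn.

```tcl
# Added example, not OpenACS code. ::example::read_signed_cookie is a
# hypothetical helper; it must run inside an OpenACS request.
namespace eval ::example {}

proc ::example::read_signed_cookie {name {default ""}} {
    # Returns the authenticated cookie value, or $default when the cookie
    # is absent or fails verification. An unverified value is never returned.
    try {
        return [ad_get_signed_cookie $name]
    } trap {AD_EXCEPTION NO_COOKIE} {} {
        # Cookie missing, empty, or not a well-formed Tcl list.
        # Expected on a first visit, so nothing is logged.
        return $default
    } trap {AD_EXCEPTION INVALID_COOKIE} {errorMsg} {
        # Signature verification failed (tampering or expiration).
        # Log the cookie name and peer address only, never the rejected
        # value or its signature.
        ns_log Warning "signed cookie '$name' rejected from\
            [ad_conn peeraddr]: $errorMsg"
        return $default
    }
    # Errors with any other error code propagate to the caller unchanged.
}

# Usage with a constructed cookie name: fall back to an empty
# preference list when the cookie is missing or not authentic.
set prefs [::example::read_signed_cookie example_prefs {}]
```

Matching on the error code with trap, rather than a bare catch, keeps the missing-cookie case separate from the failed-verification case, so only the latter produces a log entry worth alerting on.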
