From 4d9f33efe39c3c6ee4d61177ed29bd831093dc2d Mon Sep 17 00:00:00 2001
From: Stian Thorgersen
Date: Wed, 7 Feb 2024 13:16:04 +0100
Subject: [PATCH] Add cookie type builder (#26848)

Closes #26847

Signed-off-by: stianst
---
 .../java/org/keycloak/cookie/CookieType.java | 94 +++++++++++++++++--
 1 file changed, 85 insertions(+), 9 deletions(-)

diff --git a/server-spi-private/src/main/java/org/keycloak/cookie/CookieType.java b/server-spi-private/src/main/java/org/keycloak/cookie/CookieType.java
index 4a48d4237a..cd75afe77d 100644
--- a/server-spi-private/src/main/java/org/keycloak/cookie/CookieType.java
+++ b/server-spi-private/src/main/java/org/keycloak/cookie/CookieType.java
@@ -4,15 +4,49 @@ import jakarta.annotation.Nullable;
 public final class CookieType {
- public static final CookieType AUTH_DETACHED = new CookieType("KC_STATE_CHECKER", false, CookiePath.REALM, CookieScope.LEGACY, null);
- public static final CookieType AUTH_RESTART = new CookieType("KC_RESTART", false, CookiePath.REALM, CookieScope.LEGACY, CookieMaxAge.SESSION);
- public static final CookieType AUTH_SESSION_ID = new CookieType("AUTH_SESSION_ID", true, CookiePath.REALM, CookieScope.FEDERATION, CookieMaxAge.SESSION);
- public static final CookieType AUTH_STATE = new CookieType("KC_AUTH_STATE", false, CookiePath.REALM, CookieScope.LEGACY_JS, null);
- public static final CookieType IDENTITY = new CookieType("KEYCLOAK_IDENTITY", true, CookiePath.REALM, CookieScope.FEDERATION, null);
- public static final CookieType LOCALE = new CookieType("KEYCLOAK_LOCALE", false, CookiePath.REALM, CookieScope.LEGACY, CookieMaxAge.SESSION);
- public static final CookieType LOGIN_HINT = new CookieType("KEYCLOAK_REMEMBER_ME", false, CookiePath.REALM, CookieScope.LEGACY, CookieMaxAge.YEAR);
- public static final CookieType SESSION = new CookieType("KEYCLOAK_SESSION", true, CookiePath.REALM, CookieScope.FEDERATION_JS, null);
- public static final CookieType WELCOME_CSRF = new CookieType("WELCOME_STATE_CHECKER", false, CookiePath.REQUEST, CookieScope.INTERNAL, 300);
+ public static final CookieType AUTH_DETACHED = CookieType.create("KC_STATE_CHECKER")
+ .scope(CookieScope.LEGACY)
+ .build();
+
+ public static final CookieType AUTH_RESTART = CookieType.create("KC_RESTART")
+ .scope(CookieScope.LEGACY)
+ .defaultMaxAge(CookieMaxAge.SESSION)
+ .build();
+
+ public static final CookieType AUTH_SESSION_ID = CookieType.create("AUTH_SESSION_ID")
+ .scope(CookieScope.FEDERATION)
+ .defaultMaxAge(CookieMaxAge.SESSION)
+ .supportSameSiteLegacy()
+ .build();
+
+ public static final CookieType AUTH_STATE = CookieType.create("KC_AUTH_STATE")
+ .scope(CookieScope.LEGACY_JS)
+ .build();
+
+ public static final CookieType IDENTITY = CookieType.create("KEYCLOAK_IDENTITY")
+ .scope(CookieScope.FEDERATION)
+ .supportSameSiteLegacy()
+ .build();
+
+ public static final CookieType LOCALE = CookieType.create("KEYCLOAK_LOCALE")
+ .scope(CookieScope.LEGACY)
+ .defaultMaxAge(CookieMaxAge.SESSION)
+ .build();
+
+ public static final CookieType LOGIN_HINT = CookieType.create("KEYCLOAK_REMEMBER_ME")
+ .scope(CookieScope.LEGACY)
+ .defaultMaxAge(CookieMaxAge.YEAR)
+ .build();
+
+ public static final CookieType SESSION = CookieType.create("KEYCLOAK_SESSION")
+ .scope(CookieScope.FEDERATION_JS)
+ .supportSameSiteLegacy()
+ .build();
+
+ public static final CookieType WELCOME_CSRF = CookieType.create("WELCOME_STATE_CHECKER")
+ .requestPath()
+ .defaultMaxAge(300)
+ .build();
 private final String name;
 private final String sameSiteLegacyName;
@@ -29,6 +63,10 @@ public final class CookieType {
 this.defaultMaxAge = defaultMaxAge;
 }
+ private static CookieTypeBuilder create(String name) {
+ return new CookieTypeBuilder(name);
+ }
+
 public String getName() {
 return name;
 }
@@ -55,4 +93,42 @@ public final class CookieType {
 return defaultMaxAge;
 }
+ private static class CookieTypeBuilder {
+
+ private String name;
+ private boolean supportSameSiteLegacy = false;
+ private CookiePath path = CookiePath.REALM;
+ private CookieScope scope = CookieScope.INTERNAL;
+ private Integer defaultMaxAge;
+
+ CookieTypeBuilder(String name) {
+ this.name = name;
+ }
+
+ CookieTypeBuilder requestPath() {
+ this.path = CookiePath.REQUEST;
+ return this;
+ }
+
+ CookieTypeBuilder scope(CookieScope scope) {
+ this.scope = scope;
+ return this;
+ }
+
+ CookieTypeBuilder supportSameSiteLegacy() {
+ this.supportSameSiteLegacy = true;
+ return this;
+ }
+
+ CookieTypeBuilder defaultMaxAge(int defaultMaxAge) {
+ this.defaultMaxAge = defaultMaxAge;
+ return this;
+ }
+
+ CookieType build() {
+ return new CookieType(name, supportSameSiteLegacy, path, scope, defaultMaxAge);
+ }
+
+ }
+
+ }
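Review bot: `WELCOME_CSRF` is the only constant in the first hunk that no longer names its scope; it ends up with `CookieScope.INTERNAL` only because that is the field default of `CookieTypeBuilder` in the third hunk. The resulting values match the old constructor call, but whatever attributes the scope selects for this CSRF state cookie would change silently if that default were ever edited. I would pin it at the declaration by adding `.scope(CookieScope.INTERNAL)` after `.requestPath()`. The literal `300` would also read better as a named constant next to `CookieMaxAge.SESSION` and `CookieMaxAge.YEAR`, if that class is the intended home for such values.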
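Review bot: `CookieTypeBuilder` in the third hunk carries no comment stating what a cookie type receives when a setter is skipped, yet eight of the nine declarations now depend on at least one of those defaults. A short class comment would cover it, for example `// Defaults: path REALM, scope INTERNAL, supportSameSiteLegacy false, defaultMaxAge null`, ideally with a sentence on why INTERNAL is the intended fallback, which the page does not show. Separately, `name` is assigned only in the constructor and can be declared `private final String name;`.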