in pan-domain-auth-play/src/main/scala/com/gu/pandomainauth/action/Actions.scala [97:124]
/**
 * Builds one of the short-lived helper cookies used during the login round trip.
 *
 * The value is URL-encoded before it is stored, so whatever reads the cookie
 * back has to URL-decode it (the reader is outside this excerpt).
 *
 * @param name  cookie name
 * @param value raw, un-encoded cookie value
 * @return a Secure, HttpOnly cookie with SameSite=None
 */
private def cookie(name: String, value: String): Cookie = {
  val encodedValue = URLEncoder.encode(value, "UTF-8")

  // SameSite=None: the cookies have to come back on the redirect from the
  // third-party OAuth provider. Per the original author's note, Chrome returns
  // SameSite=Lax cookies on that redirect but Firefox requires SameSite=None.
  // The cost is that the browser also attaches these cookies to every other
  // cross-site request, so SameSite gives no protection here.
  val crossSitePolicy = Some(Cookie.SameSite.None)

  Cookie(
    name = name,
    value = encodedValue,
    // Secure must stay on: browsers that enforce the current SameSite rules
    // reject SameSite=None cookies that are not marked Secure.
    secure = true,
    // HttpOnly keeps the value out of reach of page scripts.
    httpOnly = true,
    sameSite = crossSitePolicy
  )
}
// Discarding counterparts for the login-flow helper cookies; where they are
// attached to a response is outside this excerpt.
// Like the cookie(...) builder in this file, no path or domain is given, so the
// discard only matches while both sides keep relying on the same defaults.
// Secure mirrors the flag used when the cookies are set.
private lazy val discardCookies =
  Seq(LOGIN_ORIGIN_KEY, ANTI_FORGERY_KEY, FORCE_EXPIRY_KEY)
    .map(key => DiscardingCookie(key, secure = true))
/**
* Starts the authentication process for a user. By default this just sends the user off to the OAuth provider for auth,
* but if you want to show a welcome page with a button on it first, override this method.
*/
def sendForAuth(implicit request: RequestHeader, email: Option[String] = None) = {
  // Fresh anti-forgery token per login attempt: it is handed to the OAuth
  // redirect and also stored in a cookie on the response.
  // NOTE(review): presumably the callback compares the two - confirm there.
  val csrfToken = OAuth.generateAntiForgeryToken()
  val providerRedirect = OAuth.redirectToOAuthProvider(csrfToken, email)(ec)

  providerRedirect.map { redirect =>
    val stateCookie = cookie(ANTI_FORGERY_KEY, csrfToken)
    // request.uri is client-supplied. It is only stored here.
    // NOTE(review): if the callback later redirects to this value, it should
    // be checked there as a same-site target before use.
    val originCookie = cookie(LOGIN_ORIGIN_KEY, request.uri)
    redirect.withCookies(stateCookie, originCookie)
  }
}