Release 3.6.0

Author: frwiqueueit

.vs/slnx.sqlite

@@ -1,7 +1,7 @@
 ----------------------------------------------------------------------------------------------------
--- ApacheHandlerSimple.lua
+-- ApacheHandlerUsingConfigFromFile.lua
 ----------------------------------------------------------------------------------------------------
--- HANDLER: ApacheHandlerSimple
+-- HANDLER: ApacheHandlerUsingConfigFromFile
 --
 -- DESCRIPTION:
 --    This Apache httpd Lua handler verifies that HTTP requests are allowed to be passed to the
@@ -14,6 +14,14 @@
 --...   * QUEUEIT_INT_CONF_FILE: The local JSON file containing the integration configuration
 --      * QUEUEIT_ERROR_CODE: (optional) The response code to use instead of declining to act
 --                            if request handling fails
+--      * QUEUEIT_COOKIE_OPTIONS_HTTPONLY: (optional) Set to true if you want cookies with httponly 
+--                            flag set. Only enable if this you use pure server-side integration 
+--                            e.g. not JS Hybrid
+--      * QUEUEIT_COOKIE_OPTIONS_SECURE: (optional) Set to true if you want cookies with secure 
+--                            flag set. Only enable if your website runs purely on https
+--      * QUEUEIT_COOKIE_OPTIONS_SAMESITE: (optional) Set to true if you want cookies with samesite 
+--                            flag set. Only use 'strict' if your queue protected site stays on 
+--                            same domain (no navigation to subdomains)
 --    Note that the integration configuration is read on every request. The JSON file containing
 --    The integration configuration should, for performance reasons, be available locally.
 --
@@ -25,7 +33,7 @@
 --      SetEnv  QUEUEIT_SECRET_KEY      "{SECRET_KEY}"
 --      SetEnv  QUEUEIT_INT_CONF_FILE   "{APP_FOLDER}/integration_config.json"
 --      SetEnv  QUEUEIT_ERROR_CODE      "400"
---      LuaMapHandler  "{URI_PATTERN}"  "{APP_FOLDER}/Handlers/ApacheHandlerSimple.lua"
+--      LuaMapHandler  "{URI_PATTERN}"  "{APP_FOLDER}/Handlers/ApacheHandlerUsingConfigFromFile.lua"
 --      LuaPackagePath "{APP_FOLDER}/SDK/?.lua"
 --      LuaPackagePath "{APP_FOLDER}/Helpers/?/?.lua"
 --      LuaPackagePath "{APP_FOLDER}/Handlers/?.lua"
@@ -38,12 +46,12 @@
 ----------------------------------------------------------------------------------------------------
 
 
-local DEBUG_TAG = "ApacheHandlerHelperSimple.lua"
+local DEBUG_TAG = "ApacheHandlerUsingConfigFromFile.lua"
 
 local kuHandler = require("KnownUserApacheHandler")
 local file = require("file")
 
-local function initRequiredHelpers(r)
+local function initRequiredHelpers(r, cookieOptions)
     local iHelpers = require("KnownUserImplementationHelpers")
 
     iHelpers.request.getAbsoluteUri = function()
@@ -55,6 +63,8 @@ local function initRequiredHelpers(r)
         r:debug(string.format("[%s] Rebuilt request URL as: %s", DEBUG_TAG, fullUrl))
         return fullUrl
     end
+
+    iHelpers.response.cookieOptions = cookieOptions
 end
 
 function handle(r)
@@ -65,15 +75,26 @@ function handle(r)
     -- catch errors if any occur
     local success, result = pcall(function()
 
-        -- get configuration from environment variables
+        -- get configuration from environment variables        
         local customerId = r.subprocess_env["QUEUEIT_CUSTOMER_ID"]
         local secretKey = r.subprocess_env["QUEUEIT_SECRET_KEY"]
         local intConfFile = r.subprocess_env["QUEUEIT_INT_CONF_FILE"]
         local errorCode = r.subprocess_env["QUEUEIT_ERROR_CODE"]
+        local cookieOptions = 
+        {
+            httpOnly = r.subprocess_env["QUEUEIT_COOKIE_OPTIONS_HTTPONLY"],
+            secure = r.subprocess_env["QUEUEIT_COOKIE_OPTIONS_SECURE"],
+            sameSite = r.subprocess_env["QUEUEIT_COOKIE_OPTIONS_SAMESITE"]
+        }
+        
         r:debug(string.format("[%s] Environment variable QUEUEIT_CUSTOMER_ID: %s", DEBUG_TAG, customerId))
         r:debug(string.format("[%s] Environment variable QUEUEIT_SECRET_KEY: %s", DEBUG_TAG, secretKey))
         r:debug(string.format("[%s] Environment variable QUEUEIT_INT_CONF_FILE: %s", DEBUG_TAG, intConfFile))
         r:debug(string.format("[%s] Environment variable QUEUEIT_ERROR_CODE: %s", DEBUG_TAG, errorCode))
+        r:debug(string.format("[%s] Environment variable QUEUEIT_COOKIE_OPTIONS_HTTPONLY: %s", DEBUG_TAG, cookieOptions.httpOnly))
+        r:debug(string.format("[%s] Environment variable QUEUEIT_COOKIE_OPTIONS_SECURE: %s", DEBUG_TAG, cookieOptions.secure))
+        r:debug(string.format("[%s] Environment variable QUEUEIT_COOKIE_OPTIONS_SAMESITE: %s", DEBUG_TAG, cookieOptions.sameSite))
+        
         assert(customerId ~= nil, "customerId invalid")
         assert(secretKey ~= nil, "secretKey invalid")
         assert(intConfFile ~= nil, "config invalid")
@@ -90,7 +111,7 @@ function handle(r)
         r:debug(string.format("[%s] Value of variable errorCode: %s", DEBUG_TAG, errorCode))
 
         -- initialize helper functions
-        initRequiredHelpers(r)
+        initRequiredHelpers(r, cookieOptions)
 
         -- read integration configuration from file
         local intConfJson = file.readAll(intConfFile)

Examples/ApacheHandlerUsingConfigFromFile.lua

@@ -13,12 +13,16 @@ local function handle(customerId, secretKey, config, isIntegrationConfig, reques
 
 	-- Implement required helpers
 	-- ********************************************************************************		
+	iHelpers.system.getConnectorName = function()
+		return apache2.version
+	end
+
 	iHelpers.json.parse = function(jsonStr)
 		local json = require("json")
 		return json.parse(jsonStr)
 	end
 
-	iHelpers.hash.hmac_sha256_encode = function(message, key)		
+	iHelpers.hash.hmac_sha256_encode = function(message, key)
 		local sha2 = require("sha2")
         return sha2.hmac(sha2.sha256, key, message)
 	end
@@ -65,7 +69,7 @@ local function handle(customerId, secretKey, config, isIntegrationConfig, reques
 				startIndex, endIndex = string.find(v, name)
 
 				if(endIndex ~= nil) then
-					return v:sub(endIndex + 1)		
+					return v:sub(endIndex + 1)
 				end
 			end
 		end
@@ -87,6 +91,10 @@ local function handle(customerId, secretKey, config, isIntegrationConfig, reques
 	-- because we want to support Apache version < 2.4.12
 	-- where there is bug in that specific method
 	iHelpers.response.setCookie = function(name, value, expire, domain)
+		-- lua_mod only supports 1 Set-Cookie header (because 'err_headers_out' is a table).
+		-- So calling this method (setCookie) multiple times will not work as expected.
+		-- In this case final call will apply.
+
 		if (domain == nil) then
 			domain = ""
 		end
@@ -101,10 +109,13 @@ local function handle(customerId, secretKey, config, isIntegrationConfig, reques
 		if expire ~= nil and type(expire) == "number" and expire > 0 then
 			expire_text = '; Expires=' .. os.date("!%a, %d %b %Y %H:%M:%S GMT", expire)
 		end
-		
+
 		request_rec.err_headers_out["Set-Cookie"] = name .. '=' .. value 
 			.. expire_text
 			.. (domain ~= "" and '; Domain=' .. domain or '') 
+			.. (iHelpers.response.cookieOptions.httpOnly and '; HttpOnly' or '')
+			.. (iHelpers.response.cookieOptions.secure and '; Secure' or '')
+			.. (iHelpers.response.cookieOptions.sameSite and '; SameSite=' .. iHelpers.response.cookieOptions.sameSite or '')
 			.. '; Path=/;'
 
 	end
@@ -119,8 +130,8 @@ local function handle(customerId, secretKey, config, isIntegrationConfig, reques
 
 	local queueitToken = request_rec:parseargs()["queueittoken"]
 	local fullUrl = iHelpers.request.getAbsoluteUri()
-	local currentUrlWithoutQueueitToken = fullUrl:gsub("([\\%?%&])(" .. knownUser.QUEUEIT_TOKEN_KEY .. "=[^&]*)", "")
-	
+	local currentUrlWithoutQueueitToken = fullUrl:gsub("([\\%?%&])(" .. knownUser.QUEUEIT_TOKEN_KEY .. "=[^&]*)", "")	
+
 	local validationResult = nil
 	if (isIntegrationConfig) then
 		validationResult = knownUser.validateRequestByIntegrationConfig(currentUrlWithoutQueueitToken, queueitToken, config, customerId, secretKey)
@@ -130,10 +141,10 @@ local function handle(customerId, secretKey, config, isIntegrationConfig, reques
 
 	if (validationResult:doRedirect()) then
 		if (validationResult.isAjaxResult) then
-			request_rec.err_headers_out[validationResult.getAjaxQueueRedirectHeaderKey()] = validationResult:getAjaxRedirectUrl()            
+			request_rec.err_headers_out[validationResult.getAjaxQueueRedirectHeaderKey()] = validationResult:getAjaxRedirectUrl()
 		else					
-			request_rec.err_headers_out["Location"] = validationResult.redirectUrl			
-			return apache2.HTTP_MOVED_TEMPORARILY			
+			request_rec.err_headers_out["Location"] = validationResult.redirectUrl
+			return apache2.HTTP_MOVED_TEMPORARILY
 		end
 	else
 		-- Request can continue - we remove queueittoken form querystring parameter to avoid sharing of user specific token

Handlers/KnownUserApacheHandler.lua

@@ -4,7 +4,7 @@ local model = {
 	evaluate = function(opt, isNegative, isIgnoreCase, value, valueToCompare, valuesToCompare)
 		-- Private functions
 		local function contains(value, valueToCompare, isNegative, ignoreCase)
-			if (valueToCompare == "*") then
+			if (valueToCompare == "*" and (not utils.isNilOrEmpty(value))) then
 				return true
 			end
 
@@ -55,37 +55,6 @@ local model = {
 
 			return isNegative
 		end
-
-		local function endsWith(value, valueToCompare, isNegative, ignoreCase) 
-			if (ignoreCase) then
-				value = string.upper(value)
-				valueToCompare = string.upper(valueToCompare)
-			end
-
-			local evaluation = utils.endsWith(value, valueToCompare)
-
-			if (isNegative) then
-				return not evaluation
-			else
-				return evaluation
-			end
-		end
-
-		local function startsWith(value, valueToCompare, isNegative, ignoreCase)
-			if (ignoreCase) then
-				value = string.upper(value)
-				valueToCompare = string.upper(valueToCompare)
-			end
-
-			local evaluation = utils.startsWith(value, valueToCompare)
-
-			if (isNegative) then
-				return not evaluation
-			else
-				return evaluation
-			end
-		end	
-
 		if (value == nil) then 
 			value = "" 
 		end
@@ -102,12 +71,6 @@ local model = {
 		if (opt == "Contains") then
 			return contains(value, valueToCompare, isNegative, isIgnoreCase)		
 		end
-		if (opt == "StartsWith") then
-			return startsWith(value, valueToCompare, isNegative, isIgnoreCase)
-		end
-		if (opt == "EndsWith") then
-			return endsWith(value, valueToCompare, isNegative, isIgnoreCase)
-		end
 		if (opt == "EqualsAny") then
 			return equalsAny(value, valuesToCompare, isNegative, isIgnoreCase)
 		end

SDK/ComparisonOperatorHelper.lua

@@ -37,7 +37,6 @@ local model = {
 					if (utils.isTable(triggerPart) == false) then
 						return false
 					end
-				
 					if (evaluateTriggerPart(triggerPart, currentPageUrl, request)) then
 						return true
 					end
@@ -48,7 +47,6 @@ local model = {
 					if (utils.isTable(triggerPart) == false) then
 						return false
 					end
-
 					if (evaluateTriggerPart(triggerPart, currentPageUrl, request) == false) then
 						return false
 					end